WordPress plugin Hummingbird security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Hummingbird plugin <= 3.7.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Hummingbird versions = 3.7.3...

WordPress Hummingbird Plugin <= 3.7.3 is vulnerable to Broken Access Control

Software Hummingbird Type Plugin Vulnerable versions = 3.7.3 Fixed in 3.7.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32792 Patch priority Low CVSS severity Low 4.3 Developer WPMU DEV PSID 9b701eb20e44 Credits Peng Zhou Required privilege...

WordPress Hummingbird Plugin < 3.4.2 is vulnerable to Path Traversal

Software Hummingbird Type Plugin Vulnerable versions 3.4.2 Fixed in 3.4.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Path Traversal CVE CVE-2023-1478 Patch priority High CVSS severity High 8.6 Developer WPMU DEV PSID 237afa7a6db1 Credits Karol Mazurek AFINE Required privilege...

CVE-2023-1478

The Hummingbird WordPress plugin before 3.4.2 does not validate the generated file path for page cache files before writing them, leading to a path traversal vulnerability in the page cache module...

CVE-2023-1478 Hummingbird < 3.4.2 - Unauthenticated Path Traversal

The Hummingbird WordPress plugin before 3.4.2 does not validate the generated file path for page cache files before writing them, leading to a path traversal vulnerability in the page cache module...

WordPress plugin Hummingbird 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A path traversal vulnerability exis...

PT-2023-17015 · WordPress · Hummingbird

Name of the Vulnerable Software and Affected Versions: Hummingbird WordPress plugin versions prior to 3.4.2 Description: The issue is related to a path traversal vulnerability in the page cache module of the Hummingbird WordPress plugin. This vulnerability occurs because the plugin does not...

CVE-2022-0994

The Hummingbird WordPress plugin before 3.3.2 does not sanitise and escape the Config Name, which could allow high privilege users, such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2022-0994

The Hummingbird WordPress plugin before 3.3.2 does not sanitise and escape the Config Name, which could allow high privilege users, such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

WordPress Hummingbird plugin跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is an open source application plugin for WordPress. WordPress Hummingbird plugin version 3.3.2 previously had a cross-site scripting vulnerability that could be exploited by attacke...

WordPress和WordPress plugin 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is an open source application plugin for WordPress. WordPress Hummingbird plugin version 3.3.2 previously had a cross-site scripting vulnerability that could be exploited by attacke...

WordPress Hummingbird Plugin < 3.3.2 - Stored Cross-Site Scripting Vulnerability

Tittle: WordPress Plugin Hummingbird Configs edit the "Name and Description" and put the following payload in the Name field: Save and Click 'Apply' to trigger the XSS Go to Hummingbird's Settings Configs and Upload the following config "id": 1, "name": "", "description": "Xss", "config":...

WordPress Hummingbird plugin <= 3.3.1 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Taurus Omar in WordPress Hummingbird plugin versions = 3.3.1. Solution Update the WordPress Hummingbird plugin to the latest available version at least 3.3.2...