Lucene search
+L

3 matches found

Vulnrichment
Vulnrichment
added 2025/06/06 6:42 a.m.24 views

CVE-2025-5018 Hive Support <= 1.2.5 - Authenticated (Subscriber+) Missing Authorization via hs_update_ai_chat_settings and hive_lite_support_get_all_binbox

The Hive Support plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the hsupdateaichatsettings and hivelitesupportgetallbinbox functions in all versions up to, and including, 1.2.5. This makes it possible for authenticated...

7.1CVSS5.8AI score0.00272EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/06/06 6:42 a.m.15 views

CVE-2025-5018 Hive Support <= 1.2.5 - Authenticated (Subscriber+) Missing Authorization via hs_update_ai_chat_settings and hive_lite_support_get_all_binbox

The Hive Support plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the hsupdateaichatsettings and hivelitesupportgetallbinbox functions in all versions up to, and including, 1.2.5. This makes it possible for authenticated...

7.1CVSS0.00272EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/06/05 8:10 p.m.10 views

WordPress Hive Support plugin <= 1.2.5 - Authenticated (Subscriber+) Missing Authorization via hs_update_ai_chat_settings and hive_lite_support_get_all_binbox vulnerability

Authenticated Subscriber+ Missing Authorization via hsupdateaichatsettings and hivelitesupportgetallbinbox vulnerability discovered by Vo Thi Ngoc Nhi in WordPress Plugin Hive Support versions = 1.2.5...

7.1CVSS6.8AI score0.00272EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder