3 matches found
CVE-2025-7640
The hiWeb Export Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.9.0.0. This is due to missing or incorrect nonce validation on the tool-dashboard-history.php file. This makes it possible for unauthenticated attackers to delete...
CVE-2025-7640
CVE-2025-7640 affects the hiWeb Export Posts WordPress plugin (versions ≤ 0.9.0.0). The vulnerability is a Cross-Site Request Forgery due to missing/incorrect nonce validation in tool-dashboard-history.php, allowing unauthenticated attackers to delete arbitrary files and potentially trigger remot...
WordPress hiWeb Export Posts plugin <= 0.9.0.0 - Cross-Site Request Forgery to Arbitrary File Deletion vulnerability
Cross-Site Request Forgery to Arbitrary File Deletion vulnerability discovered by johska in WordPress Plugin hiWeb Export Posts versions = 0.9.0.0...