CVE-2024-12206

CVE-2024-12206 affects WordPress Header Builder Plugin – Pearl. The vulnerability is a CSRF on the stm_header_builder page that allows unauthenticated attackers to delete headers. It impacts all versions up to and including 1.3.8 due to missing nonce validation. Connected references indicate a pa...

CVE-2024-4000

The CVE CVE-2024-4000 affects the WordPress Header Builder Plugin – Pearl (WordPress) and is a Stored Cross-Site Scripting vulnerability via the stm_hb shortcode. Affected versions are up to 1.3.6, with the issue caused by insufficient input sanitization and output escaping on user-provided short...

CVE-2022-38356

Cross-Site Request Forgery CSRF vulnerability in StylemixThemes WordPress Header Builder Plugin – Pearl plugin = 1.3.4 versions...

CVE-2022-38356

CVE-2022-38356 affects the WordPress plugin “Pearl” (WordPress Header Builder by StylemixThemes) up to version 1.3.4. The vulnerability is a Cross-Site Request Forgery (CSRF) flaw that could enable unauthorized actions. Patch activity shows a fix in version 1.3.5. Patchstack lists the issue as lo...

CVE-2022-38356 WordPress Pearl Plugin <= 1.3.4 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in StylemixThemes WordPress Header Builder Plugin – Pearl plugin = 1.3.4 versions...