CVE-2025-9896

The HidePost plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.8. This is due to missing or incorrect nonce validation on the options.php settings page. This makes it possible for unauthenticated attackers to modify plugin settings via a...

CVE-2025-9896 HidePost <= 2.3.8 - Cross-Site Request Forgery

The HidePost plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.8. This is due to missing or incorrect nonce validation on the options.php settings page. This makes it possible for unauthenticated attackers to modify plugin settings via a...

WordPress HidePost plugin <= 2.3.8 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin HidePost versions = 2.3.8...

WordPress plugin HidePost 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...