WordPress hiWeb Export Posts Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in WordPress hiWeb Export Posts, which stems from missing or incorrect random number validation, and can be exploited by a...

CVE-2025-7640 hiWeb Export Posts <= 0.9.0.0 - Cross-Site Request Forgery to Arbitrary File Deletion

The hiWeb Export Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.9.0.0. This is due to missing or incorrect nonce validation on the tool-dashboard-history.php file. This makes it possible for unauthenticated attackers to delete...

PT-2025-30653 · WordPress · Hiweb Export Posts

Name of the Vulnerable Software and Affected Versions: hiWeb Export Posts plugin for WordPress versions up to and including 0.9.0.0 Description: The hiWeb Export Posts plugin for WordPress is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation on the...

WordPress plugin hiWeb Export Posts 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in WordPress hiWeb Export Posts, which stems from missing or incorrect random number validation, and can be exploited by a...