Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

18 matches found

RedhatCVE
RedhatCVEadded 2026/04/01 5:3 p.m.1 views

CVE-2026-3191

The Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.12. This is due to missing or incorrect nonce validation on the 'minifyhtmlmenuoptions' function. This makes it possible for unauthenticated attackers to update plugin settin...

5.4CVSS5.8AI score0.00006EPSS
Exploits0References1
EUVD
EUVDadded 2026/03/31 12:31 p.m.0 views

EUVD-2026-17367

The Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.12. This is due to missing or incorrect nonce validation on the 'minifyhtmlmenuoptions' function. This makes it possible for unauthenticated attackers to update plugin settin...

5.4CVSS5.8AI score0.00006EPSS
Exploits0References4
NVD
NVDadded 2026/03/31 12:16 p.m.1 views

CVE-2026-3191

The Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.12. This is due to missing or incorrect nonce validation on the 'minifyhtmlmenuoptions' function. This makes it possible for unauthenticated attackers to update plugin settin...

5.4CVSS0.00006EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/03/31 11:18 a.m.0 views

CVE-2026-3191

The Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.12. This is due to missing or incorrect nonce validation on the 'minifyhtmlmenuoptions' function. This makes it possible for unauthenticated attackers to update plugin settin...

5.4CVSS5.8AI score0.00006EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/03/31 11:18 a.m.0 views

CVE-2026-3191 Minify HTML <= 2.1.12 - Cross-Site Request Forgery to Plugin Settings Update

The Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.12. This is due to missing or incorrect nonce validation on the 'minifyhtmlmenuoptions' function. This makes it possible for unauthenticated attackers to update plugin settin...

5.4CVSS5.8AI score0.00006EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/03/31 11:18 a.m.21 views

CVE-2026-3191 Minify HTML <= 2.1.12 - Cross-Site Request Forgery to Plugin Settings Update

The Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.12. This is due to missing or incorrect nonce validation on the 'minifyhtmlmenuoptions' function. This makes it possible for unauthenticated attackers to update plugin settin...

5.4CVSS0.00006EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/03/26 3:10 p.m.2 views

CVE-2026-1392

The SR WP Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1. This is due to missing nonce validation on the srminifyhtmltheme function. This makes it possible for unauthenticated attackers to update plugin settings via a forged...

4.3CVSS5.7AI score0.00016EPSS
Exploits0References1
NVD
NVDadded 2026/03/21 4:16 a.m.1 views

CVE-2026-1392

The SR WP Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1. This is due to missing nonce validation on the srminifyhtmltheme function. This makes it possible for unauthenticated attackers to update plugin settings via a forged...

4.3CVSS0.00016EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/03/21 3:26 a.m.3 views

CVE-2026-1392 SR WP Minify HTML <= 2.1 - Cross-Site Request Forgery to Settings Update

The SR WP Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1. This is due to missing nonce validation on the srminifyhtmltheme function. This makes it possible for unauthenticated attackers to update plugin settings via a forged...

4.3CVSS5.7AI score0.00016EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/05/23 9:26 a.m.3 views

CVE-2024-12579

The Minify HTML plugin for WordPress is vulnerable to Regular Expression Denial of Service ReDoS in all versions up to, and including, 2.1.10. This is due to processing user-supplied input as a regular expression. This makes it possible for unauthenticated attackers to create comments that can...

5.3CVSS6.6AI score0.00485EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 5:38 a.m.1 views

CVE-2023-26014

Cross-Site Request Forgery CSRF vulnerability in Tim Eckel Minify HTML plugin = 2.1.7 vulnerability...

8.8CVSS6.8AI score0.00106EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/12/13 4:23 a.m.13 views

CVE-2024-12579 Minify HTML <= 2.1.10 - - Regular Expressions Denial of Service

The Minify HTML plugin for WordPress is vulnerable to Regular Expression Denial of Service ReDoS in all versions up to, and including, 2.1.10. This is due to processing user-supplied input as a regular expression. This makes it possible for unauthenticated attackers to create comments that can...

5.3CVSS0.00485EPSS
Exploits0References2
CVE
CVEadded 2024/12/13 4:23 a.m.41 views

CVE-2024-12579

The CVE-2024-12579 entry concerns the Minify HTML plugin for WordPress. According to Red Hat and Wordfence sources, the vulnerability is a Regular Expression Denial of Service (ReDoS) caused by processing user-supplied input as a regular expression. It affects all versions up to and including 2.1...

5.3CVSS5.2AI score0.00485EPSS
Exploits0References2
NVD
NVDadded 2023/05/23 3:15 p.m.10 views

CVE-2023-26014

Cross-Site Request Forgery CSRF vulnerability in Tim Eckel Minify HTML plugin = 2.1.7 vulnerability...

8.8CVSS5.8AI score0.00106EPSS
Exploits0References1
OSV
OSVadded 2023/05/23 3:15 p.m.0 views

CVE-2023-26014

Cross-Site Request Forgery CSRF vulnerability in Tim Eckel Minify HTML plugin = 2.1.7 vulnerability...

8.8CVSS7.3AI score
Exploits0References1
CVE
CVEadded 2023/05/23 2:36 p.m.44 views

CVE-2023-26014

CVE-2023-26014 concerns the WordPress Minify HTML Plugin, affected in versions &lt;= 2.1.7. The vulnerability is CSRF (Cross-Site Request Forgery) that can be exploited without authentication. Patchstack’s entry states the issue is fixed in version 2.1.8. The Initial Description confirms the CSRF...

8.8CVSS6.5AI score0.00106EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/05/23 2:36 p.m.7 views

CVE-2023-26014 WordPress Minify HTML Plugin <= 2.1.7 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Tim Eckel Minify HTML plugin = 2.1.7 vulnerability...

4.3CVSS6.9AI score0.00106EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2023/05/23 12:0 a.m.1 views

PT-2023-20426 · Unknown · Tim Eckel Minify Html Plugin

Name of the Vulnerable Software and Affected Versions: Tim Eckel Minify HTML plugin versions = 2.1.7 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...

8.8CVSS8.7AI score0.00106EPSS
Exploits0References4
Rows per page
Query Builder