CVE-2025-10188 The Hack Repair Guy's Plugin Archiver <= 2.0.4 - Cross-Site Request Forgery to Arbitrary Directory Deletion in /wp-content

The The Hack Repair Guy's Plugin Archiver plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.4. This is due to missing or incorrect nonce validation on the bulkremove function. This makes it possible for unauthenticated attackers to arbitrar...

CVE-2025-10188 The Hack Repair Guy's Plugin Archiver <= 2.0.4 - Cross-Site Request Forgery to Arbitrary Directory Deletion in /wp-content

The The Hack Repair Guy's Plugin Archiver plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.4. This is due to missing or incorrect nonce validation on the bulkremove function. This makes it possible for unauthenticated attackers to arbitrar...

CVE-2025-10188

The Hack Repair Guy's Plugin Archiver for WordPress (up to v2.0.4) is vulnerable to Cross-Site Request Forgery due to missing/incorrect nonce validation on the bulk_remove() function. This can allow unauthenticated attackers to cause arbitrary directory deletion in /wp-content if a site admin is ...

WordPress plugin The Hack Repair Guys Plugin Archiver Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

PT-2025-38112

Name of the Vulnerable Software and Affected Versions: The Hack Repair Guy's Plugin Archiver plugin for WordPress versions up to and including 2.0.4 Description: The Plugin Archiver plugin for WordPress is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation on t...

CVE-2025-10176

The The Hack Repair Guy's Plugin Archiver plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the prepareitems function in all versions up to, and including, 2.0.4. This makes it possible for authenticated attackers, with Administrator-level...

WordPress The Hack Repair Guy's Plugin Archiver plugin <= 2.0.4 - Authenticated (Administrator+) Arbitrary File Deletion vulnerability

Authenticated Administrator+ Arbitrary File Deletion vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin The Hack Repair Guy's Plugin Archiver versions = 2.0.4...

CVE-2025-10176 The Hack Repair Guy's Plugin Archiver <= 2.0.4 - Authenticated (Administrator+) Arbitrary File Deletion

The The Hack Repair Guy's Plugin Archiver plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the prepareitems function in all versions up to, and including, 2.0.4. This makes it possible for authenticated attackers, with Administrator-level...

CVE-2025-10176

The CVE-2025-10176 entry concerns The Hack Repair Guy's Plugin Archiver for WordPress, with ARBITRARY FILE DELETION in prepare_items across versions up to 2.0.4. The issue arises from insufficient file path validation, enabling authenticated users with Administrator-level access to delete arbitra...

CVE-2025-10176 The Hack Repair Guy's Plugin Archiver <= 2.0.4 - Authenticated (Administrator+) Arbitrary File Deletion

The The Hack Repair Guy's Plugin Archiver plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the prepareitems function in all versions up to, and including, 2.0.4. This makes it possible for authenticated attackers, with Administrator-level...

PT-2025-37355

Name of the Vulnerable Software and Affected Versions: The Hack Repair Guy's Plugin Archiver plugin for WordPress versions up to and including 2.0.4 Description: The Plugin Archiver plugin for WordPress is susceptible to arbitrary file deletion due to inadequate file path validation within the...

WordPress plugin The Hack Repair Guy s Plugin Archiver Path Traversal Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A path traversal vulnerability exis...