CVE-2025-12128 Hide Categories Or Products On Shop Page <= 1.0.7 - Cross-Site Request Forgery to Settings Update

The Hide Categories Or Products On Shop Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.7. This is due to missing or incorrect nonce validation on the savedatahcps function. This makes it possible for unauthenticated attackers to...

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. The WordPress Shop Page plugin suffers from a...