Lucene search

Hmplugin Security Vulnerabilities

cve

CVE-2021-24602

The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low privilege users to set themselves as admin via their profile page

8.8CVSS

8.6AI Score

0.001EPSS

2021-08-23 12:15 PM

cve

CVE-2022-47422

Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin Accept Stripe Donation – AidWP plugin <= 3.1.5 versions.

8.8CVSS

8.8AI Score

0.001EPSS

2023-03-14 09:15 AM

cve

CVE-2023-23705

Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin WordPress Books Gallery plugin <= 4.4.8 versions.

8.8CVSS

8.8AI Score

0.001EPSS

2023-05-23 02:15 PM

cve

CVE-2023-29384

Unrestricted Upload of File with Dangerous Type vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin – JobWP.This issue affects WordPress Job Board and Recruitment Plugin – JobWP: from n/a through 2.0.

10CVSS

9.4AI Score

0.001EPSS

2023-12-20 07:15 PM

cve

CVE-2023-48288

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin – JobWP.This issue affects WordPress Job Board and Recruitment Plugin – JobWP: from n/a through 2.1.

7.5CVSS

7.4AI Score

0.001EPSS

2023-12-21 02:15 PM