Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total4
Critical0
High1
Medium3
Reset
Showing 1-4 of 4 records
Threat Entry Updated 2025-10-06

CVE-2025-9945 - Css Plugin

The Optimize More! – CSS plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.3. This is due to missing or incorrect nonce validation on the reset_plugin function. This makes it possible for unauthenticated attackers to reset the plugin's optimization settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

PLUGIN Css

CVE-2025-9945

MEDIUM CVSS 4.3 2025-10-03
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2024-6547 - Css Plugin

The Add Admin CSS plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0.1. This is due to the plugin utilizing bootstrap and leaving test files with display_errors on. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website.

PLUGIN Css

CVE-2024-6547

MEDIUM CVSS 5.3 2024-07-27
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2024-3597 - Css Plugin

The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 2.2.2. This is due to insufficient validation on the redirect url supplied via the rc_exported_zip_file parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.

PLUGIN Css

CVE-2024-3597

HIGH CVSS 7.1 2024-06-20
Open Full Technical Breakdown
Threat Entry Updated 2025-06-03

CVE-2023-6369 - Css Plugin

The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on multiple AJAX actions in all versions up to, and including, 2.1.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to disclose sensitive information or perform unauthorized actions, such as saving advanced plugin settings.

PLUGIN Css

CVE-2023-6369

MEDIUM CVSS 5.4 2024-01-11
Open Full Technical Breakdown
Scroll to top