Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High1

Medium1

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2024-12-06

CVE-2024-11585 - Wp Hide Security Enhancer Plugin

The WP Hide & Security Enhancer plugin for WordPress is vulnerable to arbitrary file contents deletion due to a missing authorization and insufficient file path validation in the file-process.php in all versions up to, and including, 2.5.1. This makes it possible for unauthenticated attackers to delete the contents of arbitrary files on the server, which can break the site or lead to data loss.

PLUGIN Wp Hide Security Enhancer

CVE-2024-11585

HIGH CVSS 7.5 2024-12-06

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2022-2538 - Wp Hide Security Enhancer Plugin

The WP Hide & Security Enhancer WordPress plugin before 1.8 does not escape a parameter before outputting it back in an attribute of a backend page, leading to a Reflected Cross-Site Scripting

PLUGIN Wp Hide Security Enhancer

CVE-2022-2538

MEDIUM CVSS 6.1 2022-08-29

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2024-11585 - Wp Hide Security Enhancer Plugin

CVE-2022-2538 - Wp Hide Security Enhancer Plugin

Company Links

Contact Us