Hmplugin: Security Vulnerabilities
Missing Authorization vulnerability in HM Plugin WordPress Stripe Donation and Payment Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Stripe Donation and Payment Plugin: from n/a through 3.2.3.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-10-29
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin – JobWP.This issue affects WordPress Job Board and Recruitment Plugin – JobWP: from n/a through 2.1.
CVSS Score
7.5
EPSS Score
0.006
Published
2023-12-21
Unrestricted Upload of File with Dangerous Type vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin – JobWP.This issue affects WordPress Job Board and Recruitment Plugin – JobWP: from n/a through 2.0.
CVSS Score
10.0
EPSS Score
0.048
Published
2023-12-20
Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin WordPress Books Gallery plugin <= 4.4.8 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-05-23
Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin Accept Stripe Donation – AidWP plugin <= 3.1.5 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-03-14
The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low privilege users to set themselves as admin via their profile page
CVSS Score
8.8
EPSS Score
0.007
Published
2021-08-23