Vulnerabilities > Hmplugin
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-29 | CVE-2024-50459 | Missing Authorization vulnerability in Hmplugin Aidwp Missing Authorization vulnerability in HM Plugin WordPress Stripe Donation and Payment Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Stripe Donation and Payment Plugin: from n/a through 3.2.3. | 9.8 |
| 2023-12-21 | CVE-2023-48288 | Information Exposure vulnerability in Hmplugin Jobwp Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin – JobWP.This issue affects WordPress Job Board and Recruitment Plugin – JobWP: from n/a through 2.1. | 7.5 |
| 2023-12-20 | CVE-2023-29384 | Unrestricted Upload of File with Dangerous Type vulnerability in Hmplugin Jobwp Unrestricted Upload of File with Dangerous Type vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin – JobWP.This issue affects WordPress Job Board and Recruitment Plugin – JobWP: from n/a through 2.0. | 9.8 |
| 2023-05-23 | CVE-2023-23705 | Cross-Site Request Forgery (CSRF) vulnerability in Hmplugin Wordpress Books Gallery Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin WordPress Books Gallery plugin <= 4.4.8 versions. | 8.8 |
| 2023-03-14 | CVE-2022-47422 | Cross-Site Request Forgery (CSRF) vulnerability in Hmplugin Accept Stripe Donation - Aidwp Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin Accept Stripe Donation – AidWP plugin <= 3.1.5 versions. | 8.8 |
| 2021-08-23 | CVE-2021-24602 | Incorrect Resource Transfer Between Spheres vulnerability in Hmplugin HM multiple Roles The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low privilege users to set themselves as admin via their profile page | 8.8 |