Vulnerabilities > Incsub > Hummingbird > 3.3.5

DATE CVE VULNERABILITY TITLE RISK
2024-11-01 CVE-2024-43118 Missing Authorization vulnerability in Incsub Hummingbird
Missing Authorization vulnerability in WPMU DEV Hummingbird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hummingbird: from n/a through 3.9.1.
network
low complexity
incsub CWE-862
8.8
8.8
2023-04-10 CVE-2023-1478 Unspecified vulnerability in Incsub Hummingbird
The Hummingbird WordPress plugin before 3.4.2 does not validate the generated file path for page cache files before writing them, leading to a path traversal vulnerability in the page cache module.
network
low complexity
incsub
critical
 9.8
9.8