VYPR

HAL

by WordPress

CVEs (2)

  • CVE-2023-42558Dec 5, 2023
    risk 0.00cvss epss 0.00

    Out of bounds write vulnerability in HDCP in HAL prior to SMR Dec-2023 Release 1 allows attacker to perform code execution.

  • CVE-2021-39345Oct 15, 2021
    risk 0.00cvss epss 0.01

    The HAL WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/wp-hal.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions…