VYPR

The Hack Repair Guy's Plugin Archiver

by WordPress

CVEs (2)

  • CVE-2025-10176HigSep 12, 2025
    risk 0.47cvss 7.2epss 0.01

    The The Hack Repair Guy's Plugin Archiver plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the prepare_items function in all versions up to, and including, 2.0.4. This makes it possible for authenticated attackers, with…

  • CVE-2025-10188MedSep 17, 2025
    risk 0.35cvss 5.4epss 0.00

    The The Hack Repair Guy's Plugin Archiver plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.4. This is due to missing or incorrect nonce validation on the bulk_remove() function. This makes it possible for unauthenticated…