VYPR

Pre Party Browser Hints

by Samperrow

Source repositories

CVEs (1)

  • CVE-2026-4087MedMar 21, 2026
    risk 0.42cvss 6.5epss 0.00

    The Pre* Party Resource Hints plugin for WordPress is vulnerable to SQL Injection via the 'hint_ids' parameter of the pprh_update_hints AJAX action in all versions up to, and including, 1.8.20. This is due to insufficient escaping on the user supplied parameter and lack of…