VYPR

Helloprint

by WordPress

Source repositories

CVEs (4)

  • CVE-2025-26534HigMar 3, 2025
    risk 0.56cvss 8.6epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in helloprint Helloprint helloprint allows Path Traversal.This issue affects Helloprint: from n/a through <= 2.0.7.

  • CVE-2025-26540HigMar 3, 2025
    risk 0.50cvss 7.7epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in helloprint Helloprint helloprint allows Path Traversal.This issue affects Helloprint: from n/a through <= 2.0.7.

  • CVE-2022-3908MedDec 12, 2022
    risk 0.40cvss 6.1epss 0.01

    The Helloprint WordPress plugin before 1.4.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting

  • CVE-2025-13666MedDec 6, 2025
    risk 0.34cvss 5.3epss 0.00

    The Helloprint plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.1.2. This is due to the plugin registering a public REST API endpoint without implementing authorization checks to verify request authenticity. This makes it possible…