VYPR

Hidepost

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-53310HigJun 27, 2025
    risk 0.46cvss 7.1epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Funnnny HidePost hidepost allows Reflected XSS.This issue affects HidePost: from n/a through <= 2.3.8.

  • CVE-2025-9896MedSep 27, 2025
    risk 0.28cvss 4.3epss 0.00

    The HidePost plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.8. This is due to missing or incorrect nonce validation on the options.php settings page. This makes it possible for unauthenticated attackers to modify plugin…