VYPR

Hive Support

by WordPress

Source repositories

CVEs (11)

  • CVE-2024-52370CriNov 14, 2024
    risk 0.64cvss 9.9epss 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in Hive Support Hive Support hive-support allows Upload a Web Shell to a Web Server.This issue affects Hive Support: from n/a through <= 1.1.1.

  • CVE-2024-54304HigDec 13, 2024
    risk 0.55cvss 8.5epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hive Support Hive Support hive-support allows SQL Injection.This issue affects Hive Support: from n/a through <= 1.1.2.

  • CVE-2025-32635HigApr 17, 2025
    risk 0.49cvss 7.5epss 0.00

    Insertion of Sensitive Information Into Sent Data vulnerability in Hive Support Hive Support hive-support allows Retrieve Embedded Sensitive Data.This issue affects Hive Support: from n/a through <= 1.2.6.

  • CVE-2025-32666HigApr 17, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hive Support Hive Support hive-support allows Reflected XSS.This issue affects Hive Support: from n/a through <= 1.2.5.

  • CVE-2025-32242MedApr 10, 2025
    risk 0.42cvss 6.5epss 0.00

    Missing Authorization vulnerability in Hive Support Hive Support hive-support allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Hive Support: from n/a through <= 1.2.5.

  • CVE-2025-32214MedApr 10, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hive Support Hive Support hive-support allows Stored XSS.This issue affects Hive Support: from n/a through <= 1.2.11.

  • CVE-2025-32208MedApr 10, 2025
    risk 0.42cvss 6.5epss 0.00

    Missing Authorization vulnerability in Hive Support Hive Support hive-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hive Support: from n/a through <= 1.2.5.

  • CVE-2025-5018HigJun 6, 2025
    risk 0.39cvss 7.1epss 0.00

    The Hive Support plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the hs_update_ai_chat_settings() and hive_lite_support_get_all_binbox() functions in all versions up to, and including, 1.2.5. This makes it…

  • CVE-2025-5019MedJun 6, 2025
    risk 0.28cvss 5.4epss 0.00

    The Hive Support | AI-Powered Help Desk, Live Chat & AI Chat Bot Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.5. This is due to missing or incorrect nonce validation on the…

  • CVE-2025-22298MedJan 7, 2025
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in Hive Support Hive Support hive-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hive Support: from n/a through <= 1.1.6.

  • CVE-2024-54321MedDec 13, 2024
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Hive Support Hive Support hive-support allows Cross Site Request Forgery.This issue affects Hive Support: from n/a through <= 1.1.2.