VYPR

Minify HTML

by WordPress

Source repositories

CVEs (3)

  • CVE-2026-3191MedMar 31, 2026
    risk 0.28cvss 5.4epss 0.00

    The Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.12. This is due to missing or incorrect nonce validation on the 'minify_html_menu_options' function. This makes it possible for unauthenticated attackers to…

  • CVE-2023-26014MedMay 23, 2023
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Tim Eckel Minify HTML plugin <= 2.1.7 vulnerability.

  • CVE-2024-12579MedDec 13, 2024
    risk 0.27cvss 5.3epss 0.00

    The Minify HTML plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS) in all versions up to, and including, 2.1.10. This is due to processing user-supplied input as a regular expression. This makes it possible for unauthenticated attackers to create…