Hummingbird CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Incsub Subscriptions

Filtered by product Hummingbird Subscriptions

Search

Switch to Advanced Search (Beta)

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-32792	1 Incsub	1 Hummingbird	2025-05-29	4.3 Medium
Missing Authorization vulnerability in WPMU DEV Hummingbird.This issue affects Hummingbird: from n/a through 3.7.3.
CVE-2024-43118	1 Incsub	1 Hummingbird	2025-05-15	4.3 Medium
Missing Authorization vulnerability in WPMU DEV Hummingbird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hummingbird: from n/a through 3.9.1.
CVE-2023-1478	1 Incsub	1 Hummingbird	2025-02-11	9.8 Critical
The Hummingbird WordPress plugin before 3.4.2 does not validate the generated file path for page cache files before writing them, leading to a path traversal vulnerability in the page cache module.
CVE-2022-0994	1 Incsub	1 Hummingbird	2024-11-21	4.8 Medium
The Hummingbird WordPress plugin before 3.3.2 does not sanitise and escape the Config Name, which could allow high privilege users, such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

Page 1 of 1.