Every CVE whose affected-product data names Wpwave Hide My Wp, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-4681 — CVSS 9.8 (critical): The Hide My WP WordPress plugin before 6.2.9 does not properly sanitize and escape a parameter before using it in a SQL statement via an…
CVE-2021-36916 — CVSS 8.6 (high): The SQL injection vulnerability in the Hide My WP WordPress plugin (versions <= 6.2.3) is possible because of how the IP address is…
CVE-2021-36917 — CVSS 6.5 (medium): WordPress Hide My WP plugin (versions <= 6.2.3) can be deactivated by any unauthenticated user. It is possible to retrieve a reset token…