Sensitive Data Exposure in Hive Support Plugin by Patchstack
CVE-2025-32635

7.5HIGH

Key Information:

Vendor: Hive Support
Status: Hive Support
Vendor: CVE Published:; 17 April 2025

🔔 Create Hive Support Vulnerability Alert

What is CVE-2025-32635?

The Hive Support plugin for WordPress contains a vulnerability that enables the retrieval of embedded sensitive data, potentially exposing confidential information to unauthorized parties. This issue affects versions from n/a through 1.2.2, making it crucial for users of this plugin to assess their security posture and take necessary actions to mitigate risks associated with sensitive data exposure. Regular updates and monitoring are recommended to safeguard against such vulnerabilities.

Affected Version(s)

Hive Support <= 1.2.2

References

https://patchstack.com/database/wordpress/plugin/hive-sup...

vdb-entry

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 17, 2025
Vulnerability Reserved
Apr 9, 2025

Credit

stealthcopter (Patchstack Alliance)

JSON