Skip to main content

Happy

2 CVEs product

Monthly

CVE-2026-39593 MEDIUM This Month

Broken access control in the HAPPY WordPress helpdesk and support ticket plugin (versions through 1.0.10) by VillaTheme permits unauthenticated remote attackers to invoke restricted plugin functionality without any authorization check. The vulnerability stems from missing authorization gates on plugin endpoints, classified under CWE-862, enabling limited integrity and availability impact against affected WordPress installations. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.

Authentication Bypass Happy
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2014-7075 MEDIUM This Month

The HAPPY (aka com.tw.knowhowdesign.sinfonghuei) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Happy
NVD
CVSS 2.0
5.4
EPSS
0.1%
EPSS 0% CVSS 6.5
MEDIUM This Month

Broken access control in the HAPPY WordPress helpdesk and support ticket plugin (versions through 1.0.10) by VillaTheme permits unauthenticated remote attackers to invoke restricted plugin functionality without any authorization check. The vulnerability stems from missing authorization gates on plugin endpoints, classified under CWE-862, enabling limited integrity and availability impact against affected WordPress installations. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.

Authentication Bypass Happy
NVD VulDB
EPSS 0% CVSS 5.4
MEDIUM This Month

The HAPPY (aka com.tw.knowhowdesign.sinfonghuei) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Happy
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy