Vulnerabilidades en HashThemes
27 resultadosCVE-2024-5084CRITICALHash Form – Drag & Drop Form Builder <= 1.1.0 - Unauthenticated Arbitrary File Upload to Remote Code ExecutionEPSS 50.9%CVE-2021-39333HIGHHashthemes Demo Importer <= 1.1.1 Improper Access Control Allowing Content DeletionEPSS 1.0%CVE-2024-5085HIGHHash Form – Drag & Drop Form Builder <= 1.1.0 - Unauthenticated PHP Object InjectionEPSS 0.8%CVE-2023-30486MEDIUMWordPress Square theme <= 2.0.0 - Broken Access ControlEPSS 0.7%CVE-2024-10802MEDIUMHash Elements <= 1.4.7 - Missing Authorization to Unauthenticated Draft Post Title ExposureEPSS 0.6%CVE-2023-33923MEDIUMBroken Access Control leading to Arbitrary Plugin Activation in multiple HashThemes themesEPSS 0.5%CVE-2025-58973HIGHWordPress Easy Elementor Addons Plugin <= 2.2.8 - Local File Inclusion VulnerabilityEPSS 0.5%CVE-2023-27456MEDIUMWordPress Total theme <= 2.1.19 - Authenticated Arbitrary Plugin ActivationEPSS 0.5%CVE-2023-28990MEDIUMWordPress Viral Mag theme <= 1.0.9 - Authenticated Arbitrary Plugin Activation VulnerabilityEPSS 0.5%CVE-2024-1771MEDIUMTotal <= 2.1.59 - Missing Authorization to Authenticated (Subscriber+) Sections UpdateEPSS 0.4%CVE-2024-12201MEDIUMHash Form <= 1.2.1 - Missing Authorization to Authenticated (Contributor+) Form Style CreationEPSS 0.4%CVE-2024-30426MEDIUMWordPress Hash Elements plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2024-9417MEDIUMHash Form - Drag & Drop Form Builder <= 1.1.9 - Unauthenticated Limited File UploadEPSS 0.3%CVE-2024-5177MEDIUMHash Elements <= 1.3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Parameter in Multiple WidgetsEPSS 0.3%CVE-2025-9045MEDIUMEasy Elementor Addons <= 2.2.9 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2024-49270MEDIUMWordPress Smart Blocks plugin <= 2.0 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-22296MEDIUMWordPress Hash Elements plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-26912MEDIUMWordPress Easy Elementor Addons plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-59561MEDIUMWordPress Smart Blocks Plugin <= 2.4 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-26761MEDIUMWordPress Easy Elementor Addons plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%