Vulnerabilities > Hashthemes

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-12	CVE-2024-12201	Missing Authorization vulnerability in Hashthemes Hash Form The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to unauthorized access due to a missing capability check when creating form styles in all versions up to, and including, 1.2.1. network low complexity hashthemes CWE-862	4.3
2024-10-05	CVE-2024-9417	Unrestricted Upload of File with Dangerous Type vulnerability in Hashthemes Hash Form The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to limited file uploads due to a misconfigured file type validation in the 'handleUpload' function in all versions up to, and including, 1.1.9. network low complexity hashthemes CWE-434	6.1
2024-05-23	CVE-2024-5085	Deserialization of Untrusted Data vulnerability in Hashthemes Hash Form The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.0 via deserialization of untrusted input in the 'process_entry' function. network low complexity hashthemes CWE-502 critical	9.8
2024-03-29	CVE-2024-30426	Unspecified vulnerability in Hashthemes Hash Elements Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HashThemes Hash Elements allows Stored XSS.This issue affects Hash Elements: from n/a through 1.3.3. network low complexity hashthemes	5.4

Vulnerabilities > Hashthemes {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Hashthemes"}]}