Vulnerabilities > Hasthemes

DATE CVE VULNERABILITY TITLE RISK
2024-11-04 CVE-2024-51682 Cross-site Scripting vulnerability in Hasthemes HT Builder
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HasThemes HT Builder – WordPress Theme Builder for Elementor allows Stored XSS.This issue affects HT Builder – WordPress Theme Builder for Elementor: from n/a through 1.3.0.
network
low complexity
hasthemes CWE-79
5.4
2024-10-20 CVE-2024-49630 Cross-site Scripting vulnerability in Hasthemes WP Education
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HT Plugins WP Education allows Stored XSS.This issue affects WP Education: from n/a through 1.2.8.
network
low complexity
hasthemes CWE-79
5.4
2024-09-25 CVE-2024-8910 Unspecified vulnerability in Hasthemes HT Mega
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.5 via the render function in includes/widgets/htmega_accordion.php.
network
low complexity
hasthemes
4.3
2024-09-25 CVE-2024-8668 Cross-site Scripting vulnerability in Hasthemes Woolentor - Woocommerce Elementor Addons + Builder
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the tooltip and countdown functionality in all versions up to, and including, 2.9.7 due to insufficient input sanitization and output escaping.
network
low complexity
hasthemes CWE-79
5.4
2024-06-08 CVE-2024-35699 Unspecified vulnerability in Hasthemes HT Feed
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HasThemes HT Feed allows Stored XSS.This issue affects HT Feed: from n/a through 1.2.8.
network
low complexity
hasthemes
5.4
2023-12-29 CVE-2023-50901 Unspecified vulnerability in Hasthemes HT Mega
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HT Mega – Absolute Addons For Elementor allows Reflected XSS.This issue affects HT Mega – Absolute Addons For Elementor: from n/a through 2.3.8.
network
low complexity
hasthemes
6.1
2023-12-29 CVE-2023-51372 Unspecified vulnerability in Hasthemes Hashbar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HashBar – WordPress Notification Bar allows Stored XSS.This issue affects HashBar – WordPress Notification Bar: from n/a through 1.4.1.
network
low complexity
hasthemes
4.8
2023-08-30 CVE-2023-32962 Unspecified vulnerability in Hasthemes Wishsuite
Auth.
network
low complexity
hasthemes
4.8
2023-07-17 CVE-2022-47172 Unspecified vulnerability in Hasthemes Woolentor - Woocommerce Elementor Addons + Builder
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes ShopLentor plugin <= 2.6.2 versions.
network
low complexity
hasthemes
8.8
2023-07-11 CVE-2023-23731 Unspecified vulnerability in Hasthemes Wishsuite
Cross-Site Request Forgery (CSRF) vulnerability in HasTheme WishSuite plugin <= 1.3.3 versions.
network
low complexity
hasthemes
8.8