Vulnerabilities > Hasthemes

DATE CVE VULNERABILITY TITLE RISK
2023-07-11 CVE-2023-23791 Cross-Site Request Forgery (CSRF) vulnerability in Hasthemes HT Menu
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Menu plugin <= 1.2.1 versions.
network
low complexity
hasthemes CWE-352
8.8
8.8
2023-07-11 CVE-2023-23803 Cross-Site Request Forgery (CSRF) vulnerability in Hasthemes Justtables
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes JustTables plugin <= 1.4.9 versions.
network
low complexity
hasthemes CWE-352
8.8
8.8
2023-07-11 CVE-2023-23792 Cross-Site Request Forgery (CSRF) vulnerability in Hasthemes Swatchly
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Swatchly plugin <= 1.2.0 versions.
network
low complexity
hasthemes CWE-352
8.8
8.8
2023-07-10 CVE-2023-23804 Cross-Site Request Forgery (CSRF) vulnerability in Hasthemes HT Feed
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Feed plugin <= 1.2.7 versions.
network
low complexity
hasthemes CWE-352
8.8
8.8
2023-06-15 CVE-2023-23802 Cross-Site Request Forgery (CSRF) vulnerability in Hasthemes HT Easy GA4 (Google Analytics 4)
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Easy GA4 ( Google Analytics 4 ) plugin <= 1.0.6 versions.
network
low complexity
hasthemes CWE-352
8.8
8.8
2023-04-06 CVE-2023-23801 Cross-Site Request Forgery (CSRF) vulnerability in Hasthemes Really Simple Google TAG Manager
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Really Simple Google Tag Manager plugin <= 1.0.6 versions.
network
low complexity
hasthemes CWE-352
8.8
8.8
2023-03-27 CVE-2023-0484 Unspecified vulnerability in Hasthemes Contact Form 7 Widget for Elementor Page Builder & Gutenberg Blocks
The Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks WordPress plugin before 1.1.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
network
low complexity
hasthemes
4.3
4.3
2023-03-27 CVE-2023-0495 Unspecified vulnerability in Hasthemes HT Slider for Elementor
The HT Slider For Elementor WordPress plugin before 1.4.0 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
network
low complexity
hasthemes
4.3
4.3
2023-03-27 CVE-2023-0496 Unspecified vulnerability in Hasthemes HT Event
The HT Event WordPress plugin before 1.4.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
network
low complexity
hasthemes
4.3
4.3
2023-03-27 CVE-2023-0497 Unspecified vulnerability in Hasthemes HT Portfolio
The HT Portfolio WordPress plugin before 1.1.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
network
low complexity
hasthemes
4.3
4.3