Lucene search
K

82 matches found

RedhatCVE
RedhatCVE
added 2025/02/27 2:35 p.m.9 views

CVE-2025-26912

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows Stored XSS.This issue affects Easy Elementor Addons: from n/a through = 2.1.6...

6.5CVSS7.2AI score0.00236EPSS
Exploits0References1
NVD
NVD
added 2025/02/25 3:15 p.m.6 views

CVE-2025-26912

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows Stored XSS.This issue affects Easy Elementor Addons: from n/a through = 2.1.6...

6.5CVSS0.00236EPSS
Exploits0References1
CVE
CVE
added 2025/02/25 2:17 p.m.65 views

CVE-2025-26912

CVE-2025-26912 corresponds to a Stored XSS in HashThemes Easy Elementor Addons. The connected document confirms the vulnerability affects Easy Elementor Addons up to and including 2.1.6, caused by improper input neutralization during web page generation. The issue is client-executable when user-s...

6.5CVSS7.2AI score0.00236EPSS
Exploits0References1
NVD
NVD
added 2025/02/16 11:15 p.m.11 views

CVE-2025-26761

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows DOM-Based XSS.This issue affects Easy Elementor Addons: from n/a through = 2.1.5...

6.5CVSS0.00216EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/16 10:17 p.m.9 views

CVE-2025-26761 WordPress Easy Elementor Addons plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows DOM-Based XSS.This issue affects Easy Elementor Addons: from n/a through = 2.1.5...

6.5CVSS8.6AI score0.00216EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/16 10:17 p.m.21 views

CVE-2025-26761 WordPress Easy Elementor Addons plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows DOM-Based XSS.This issue affects Easy Elementor Addons: from n/a through = 2.1.5...

6.5CVSS0.00216EPSS
Exploits0References1
CVE
CVE
added 2025/02/16 10:17 p.m.69 views

CVE-2025-26761

CVE-2025-26761 describes a DOM-based XSS in WordPress plugin Easy Elementor Addons (affected

6.5CVSS7.2AI score0.00216EPSS
Exploits0References1
OSV
OSV
added 2025/01/07 5:15 p.m.4 views

CVE-2025-22296

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HashThemes Hash Elements.This issue affects Hash Elements: from n/a through 1.4.9...

6.5CVSS5.8AI score0.00237EPSS
Exploits0References1
NVD
NVD
added 2025/01/07 5:15 p.m.30 views

CVE-2025-22296

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Hash Elements hash-elements.This issue affects Hash Elements: from n/a through = 1.5.0...

6.5CVSS0.00237EPSS
Exploits0References1
CVE
CVE
added 2025/01/07 4:56 p.m.67 views

CVE-2025-22296

CVE-2025-22296 describes a Cross‑Site Scripting (XSS) vulnerability in WordPress Hash Elements (HashThemes) plugin. Affected versions are 1.4.9 and earlier, with the root cause being improper neutralization of input during web page generation. The impact is XSS exposure via user-supplied data. Re...

6.5CVSS7.2AI score0.00237EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/07 12:0 a.m.7 views

PT-2025-4411 · Hasthemes · Hash Elements

Name of the Vulnerable Software and Affected Versions: HashThemes Hash Elements versions 1.4.9 and earlier Description: The issue is related to improper neutralization of input during web page generation, which can lead to Cross-site Scripting. This allows attackers to inject malicious scripts in...

6.5CVSS6.8AI score0.00237EPSS
Exploits0References7
NVD
NVD
added 2024/12/13 3:15 p.m.7 views

CVE-2023-28990

Missing Authorization vulnerability in HashThemes Viral Mag allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Viral Mag: from n/a through 1.0.9...

4.3CVSS0.00458EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/12/13 3:15 p.m.9 views

CVE-2023-28990

Missing Authorization vulnerability in hashthemes Viral Mag viral-mag allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Viral Mag: from n/a through = 1.0.9...

4.3CVSS5.8AI score0.00458EPSS
Exploits0References3
NVD
NVD
added 2024/12/13 3:15 p.m.9 views

CVE-2023-27456

Missing Authorization vulnerability in HashThemes Total allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Total: from n/a through 2.1.19...

4.3CVSS0.00458EPSS
Exploits0References1
CVE
CVE
added 2024/12/13 2:23 p.m.35 views

CVE-2023-28990

CVE-2023-28990 : WordPress theme Viral Mag (versions ≤ 1.0.9) suffers a Missing Authorization flaw that enables an authenticated user withsubscriber privileges to activate plugins arbitrarily due to broken access control. The issue is classed as a Medium risk with CVSSv3.1 score 4.3 (AV:N/AC:L/PR...

4.3CVSS8.5AI score0.00458EPSS
Exploits0References1
CVE
CVE
added 2024/12/13 2:23 p.m.40 views

CVE-2023-27456

CVE-2023-27456 is a missing-authorization vulnerability in the WordPress plugin/theme set for HashThemes Total (Total theme). It affects versions up to 2.1.19 and allows an authenticated user (subscriber) to activate arbitrary plugins due to incorrectly configured access control. The issue is cha...

4.3CVSS8AI score0.00458EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/12/09 1:15 p.m.5 views

CVE-2023-30486

Missing Authorization vulnerability in hashthemes Square square allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Square: from n/a through = 2.0.0...

4.3CVSS5.8AI score0.00712EPSS
Exploits1References3
NVD
NVD
added 2024/12/09 1:15 p.m.10 views

CVE-2023-30486

Missing Authorization vulnerability in HashThemes Square allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Square: from n/a through 2.0.0...

4.3CVSS0.00712EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/12/09 11:31 a.m.13 views

CVE-2023-30486 WordPress Square theme <= 2.0.0 - Broken Access Control

Missing Authorization vulnerability in hashthemes Square square allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Square: from n/a through = 2.0.0...

4.3CVSS6.9AI score0.00712EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.8 views

PT-2024-12239 · Hasthemes · Hashthemes Square

Name of the Vulnerable Software and Affected Versions: HashThemes Square versions n/a through 2.0.0 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For HashThemes Square...

4.3CVSS9.4AI score0.00712EPSS
Exploits1References3
Rows per page
Query Builder