CVE-2026-24618 WordPress Hash Elements plugin <= 1.5.4 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in HashThemes Hash Elements allows Retrieve Embedded Sensitive Data. This issue affects Hash Elements: from n/a through 1.5.4...

CVE-2026-24618

CVE-2026-24618 affects the WordPress Hash Elements plugin (Hash Elements) versions up to 1.5.4. The vulnerability is described as Exposure of Sensitive System Information to an Unauthorized Control Sphere, enabling retrieval of embedded sensitive data. According to the provided sources, the CVSS ...

WordPress Hash Elements plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Hash Elements versions = 1.5.0...

WordPress Hash Elements plugin <= 1.4.7 - Missing Authorization to Unauthenticated Draft Post Title Exposure vulnerability

Missing Authorization to Unauthenticated Draft Post Title Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin Hash Elements versions = 1.4.7...

WordPress Hash Elements Plugin <= 1.4.7 is vulnerable to Broken Access Control

Software Hash Elements Type Plugin Vulnerable versions = 1.4.7 Fixed in 1.4.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10802 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 100e3ce93b18 Credits Francesco Carlucci Required...

WordPress Hash Elements Plugin <= 1.3.3 is vulnerable to Cross Site Scripting (XSS)

Software Hash Elements Type Plugin Vulnerable versions = 1.3.3 Fixed in 1.3.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30426 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8e463e127c50 Credits Khalid Yusuf Required privilege...