php: heap-based buffer overflow in array_merge()

A flaw was found in PHP. A heap-based buffer overflow occurs in the arraymerge function when the total element count of packed arrays exceeds the 32-bit limit or the internal HTMAXSIZE due to an integer overflow in the precomputation of element counts using the zendhashnumelements function, causi...

CLSA-2026-1769445556 php: Fix of CVE-2025-14178

CVE-2025-14178: fix heap buffer overflow in arraymerge due to integer overflow in zendhashnumelements precomputation...

EUVD-2024-28347

Malicious code in bioql PyPI...

EUVD-2025-2696

Malicious code in bioql PyPI...

EUVD-2024-33307

Malicious code in bioql PyPI...

CVE-2025-22296

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Hash Elements hash-elements.This issue affects Hash Elements: from n/a through = 1.5.0...

CVE-2024-30426

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HashThemes Hash Elements allows Stored XSS.This issue affects Hash Elements: from n/a through 1.3.3...

CVE-2024-5177

The Hash Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' parameter within multiple widgets in all versions up to, and including, 1.3.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-10802

The Hash Elements plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hashelementsgetpoststitlebyid function in all versions up to, and including, 1.4.7. This makes it possible for unauthenticated attackers to retrieve draft post titles that...

Triple-Identity Authentication: the Future of Secure Access

In a typical authentication process, the local system verifies the user's identity using a stored hash value generated by a cross-system hash algorithm. This article shifts the research focus from traditional password encryption to the establishment of gatekeeping mechanisms for effective...

WordPress plugin Hash Elements cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Hash...

CVE-2025-22296

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HashThemes Hash Elements.This issue affects Hash Elements: from n/a through 1.4.9...

CVE-2025-22296

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Hash Elements hash-elements.This issue affects Hash Elements: from n/a through = 1.5.0...

CVE-2025-22296

CVE-2025-22296 describes a Cross‑Site Scripting (XSS) vulnerability in WordPress Hash Elements (HashThemes) plugin. Affected versions are 1.4.9 and earlier, with the root cause being improper neutralization of input during web page generation. The impact is XSS exposure via user-supplied data. Re...

CVE-2025-22296 WordPress Hash Elements plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Hash Elements hash-elements.This issue affects Hash Elements: from n/a through = 1.5.0...

CVE-2025-22296 WordPress Hash Elements plugin <= 1.4.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HashThemes Hash Elements.This issue affects Hash Elements: from n/a through 1.4.9...

WordPress plugin Hash Elements 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Hash...

PT-2025-4411 · Hasthemes · Hash Elements

Name of the Vulnerable Software and Affected Versions: HashThemes Hash Elements versions 1.4.9 and earlier Description: The issue is related to improper neutralization of input during web page generation, which can lead to Cross-site Scripting. This allows attackers to inject malicious scripts in...

WordPress Hash Elements plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Hash Elements versions = 1.5.0...

WordPress Hash Elements plugin <= 1.4.7 - Missing Authorization to Unauthenticated Draft Post Title Exposure vulnerability

Missing Authorization to Unauthenticated Draft Post Title Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin Hash Elements versions = 1.4.7...