CVE-2026-24618

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in HashThemes Hash Elements allows Retrieve Embedded Sensitive Data. This issue affects Hash Elements: from n/a through 1.5.4...

CVE-2026-24618 WordPress Hash Elements plugin <= 1.5.4 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in HashThemes Hash Elements allows Retrieve Embedded Sensitive Data. This issue affects Hash Elements: from n/a through 1.5.4...

CVE-2026-24618 WordPress Hash Elements plugin <= 1.5.4 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in HashThemes Hash Elements allows Retrieve Embedded Sensitive Data. This issue affects Hash Elements: from n/a through 1.5.4...

CVE-2026-24618

CVE-2026-24618 affects the WordPress Hash Elements plugin (Hash Elements) versions up to 1.5.4. The vulnerability is described as Exposure of Sensitive System Information to an Unauthorized Control Sphere, enabling retrieval of embedded sensitive data. According to the provided sources, the CVSS ...

WordPress Hash Elements plugin <= 1.5.4 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by theviper17 in WordPress Plugin Hash Elements versions = 1.5.4...

PT-2026-48976

Name of the Vulnerable Software and Affected Versions Hash Elements versions prior to 1.5.5 Description An issue in HashThemes Hash Elements allows the retrieval of embedded sensitive system information to an unauthorized control sphere. Recommendations Update to version 1.5.5 or later...

php: heap-based buffer overflow in array_merge()

A flaw was found in PHP. A heap-based buffer overflow occurs in the arraymerge function when the total element count of packed arrays exceeds the 32-bit limit or the internal HTMAXSIZE due to an integer overflow in the precomputation of element counts using the zendhashnumelements function, causi...

CLSA-2026-1769445556 php: Fix of CVE-2025-14178

CVE-2025-14178: fix heap buffer overflow in arraymerge due to integer overflow in zendhashnumelements precomputation...

EUVD-2025-2696

Malicious code in bioql PyPI...

EUVD-2024-28347

Malicious code in bioql PyPI...

EUVD-2024-33307

Malicious code in bioql PyPI...

CVE-2025-22296

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Hash Elements hash-elements.This issue affects Hash Elements: from n/a through = 1.5.0...

CVE-2024-30426

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HashThemes Hash Elements allows Stored XSS.This issue affects Hash Elements: from n/a through 1.3.3...

CVE-2024-5177

The Hash Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' parameter within multiple widgets in all versions up to, and including, 1.3.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-10802

The Hash Elements plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hashelementsgetpoststitlebyid function in all versions up to, and including, 1.4.7. This makes it possible for unauthenticated attackers to retrieve draft post titles that...

Triple-Identity Authentication: the Future of Secure Access

In a typical authentication process, the local system verifies the user's identity using a stored hash value generated by a cross-system hash algorithm. This article shifts the research focus from traditional password encryption to the establishment of gatekeeping mechanisms for effective...

WordPress plugin Hash Elements cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Hash...

CVE-2025-22296

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Hash Elements hash-elements.This issue affects Hash Elements: from n/a through = 1.5.0...

CVE-2025-22296

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HashThemes Hash Elements.This issue affects Hash Elements: from n/a through 1.4.9...

CVE-2025-22296

CVE-2025-22296 describes a Cross‑Site Scripting (XSS) vulnerability in WordPress Hash Elements (HashThemes) plugin. Affected versions are 1.4.9 and earlier, with the root cause being improper neutralization of input during web page generation. The impact is XSS exposure via user-supplied data. Re...