CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

CVE•added 2026/03/25 4:15 p.m.•3 views

CVE-2026-32532

WordPress plugin: Contact Form & Lead Form Elementor Builder (versions ≤ 2.0.1) has a Cross Site Scripting (XSS) vulnerability. Discovered by daroo. The Patchstack entry confirms the affected plugin and the XSS issue; no fix version is stated in the provided documents.

7.1CVSS5.8AI score0.00045EPSS

Exploits0References1

Vulnrichment•added 2026/01/22 4:52 p.m.•1 views

CVE-2025-68046 WordPress Contact Form & Lead Form Elementor Builder plugin <= 2.0.1 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThemeHunk Contact Form & Lead Form Elementor Builder lead-form-builder allows Retrieve Embedded Sensitive Data.This issue affects Contact Form & Lead Form Elementor Builder: from n/a through = 2.0.1...

5.9AI score0.00056EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:15 a.m.•5 views

CVE-2022-38057

Missing Authorization vulnerability in ThemeHunk Advance WordPress Search Plugin.This issue affects Advance WordPress Search Plugin: from n/a through 1.2.1...

9.8CVSS5.2AI score0.00107EPSS

Exploits0References1

Patchstack•added 2025/06/05 1:19 a.m.•6 views

WordPress ThemeHunk plugin <= 1.1.2 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by domiee13 in WordPress Plugin ThemeHunk versions = 1.1.2...

5.4CVSS6.7AI score0.0016EPSS

Exploits0Affected Software1

Vulnrichment•added 2024/10/08 9:33 a.m.•6 views

CVE-2024-8433 Easy Mega Menu Plugin for WordPress – ThemeHunk <= 1.1.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting

The Easy Mega Menu Plugin for WordPress – ThemeHunk plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘themehunkmegamenubgimage' parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.8AI score0.00255EPSS

Exploits0References4

Patchstack•added 2024/10/08 12:0 a.m.•6 views

WordPress ThemeHunk Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software ThemeHunk Type Plugin Vulnerable versions = 1.1.0 Fixed in 1.1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8433 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID c1773d3ddeac Credits Lucio Sá Required...

6.4CVSS5.6AI score0.00255EPSS

Exploits0References3Affected Software1

CNNVD•added 2024/09/25 12:0 a.m.•2 views

WordPress plugin ThemeHunk 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.5AI score0.00232EPSS

Exploits0References6

Patchstack•added 2024/09/24 2:7 p.m.•4 views

WordPress ThemeHunk plugin <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Settings Updates vulnerability

Missing Authorization to Authenticated Subscriber+ Settings Updates vulnerability discovered by Lucio Sá in WordPress Plugin ThemeHunk versions = 1.0.9...

4.3CVSS7AI score0.00232EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by