9 matches found
WordPress Hestia Missing Authorization Vulnerability
WordPress Hestia is a free corporate theme for the WordPress platform, developed by ThemeIsle. The theme is known for its clean and generous design, responsive layout and rich functionality, supporting drag-and-drop page editing, SEO optimization and other features, which is suitable for quickly...
WordPress Hestia theme <= 3.2.10 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Martino Spagnuolo (r3verii) in WordPress Theme Hestia versions <= 3.2.10...
CVE-2025-53986
CVE-2025-53986 is a Missing Authorization vulnerability in ThemeIsle Hestia (WordPress theme) affecting versions up to 3.2.10. The issue allows access to functionality not properly constrained by ACLs (Broken Access Control). CVSS v3.1 base score: 5.3 (Medium). Remediation: update to 3.2.11 or la...
WordPress plugin Hestia Security Vulnerability
WordPress Hestia is a free corporate theme for the WordPress platform, developed by ThemeIsle. The theme is known for its clean and generous design, responsive layout and rich functionality, supporting drag-and-drop page editing, SEO optimization and other features, which is suitable for quickly...
CVE-2024-56236
CVE-2024-56236 is described in connected Red Hat data as a Missing Authorization vulnerability in Hestia Nginx Cache, affecting Hestia Nginx Cache versions up to 2.4.0. The Red Hat advisory indicates the issue has been patched. No additional technical details (e.g., exploit vectors, risk, or exac...
CVE-2024-37467
CVE-2024-37467 is a CSRF vulnerability in the ThemeIsle Hestia WordPress theme affecting Hestia up to version 3.1.2 (vendor/product: ThemeIsle Hestia). Public docs confirm remediation: update to 3.1.3 or later. CVSS v3.1 base score 4.3 (Medium); exploitation status not specified in provided materials...
CVE-2024-37467 WordPress Hestia theme <= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in themeisle Hestia hestia allows Cross Site Request Forgery. This issue affects Hestia: from n/a through <= 3.1.2...
WordPress Hestia theme <= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Dhabaleshwar Das (Patchstack Alliance) in WordPress Theme Hestia versions <= 3.1.2...
WordPress Hestia Theme <= 3.1.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Hestia; Type: Theme; Vulnerable versions: <= 3.1.2; Fixed in: 3.1.3; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-37467; Patch priority: Low; CVSS severity: Low (4.3); PSID: 143c51756c08; Credits: Dhabaleshwar Das; Required...