Lucene search

Ht Feed Security Vulnerabilities - January

cve

CVE-2023-23804

Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Feed plugin <= 1.2.7 versions.

8.8CVSS

8.8AI Score

0.001EPSS

2023-07-10 04:15 PM

cve

CVE-2023-37999

Improper Privilege Management vulnerability in HasThemes HT Mega allows Privilege Escalation.This issue affects HT Mega: from n/a through 2.2.0.

9.8CVSS

6.9AI Score

0.0004EPSS

2024-05-17 07:15 AM

cve

CVE-2024-30182

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HT Mega allows Stored XSS.This issue affects HT Mega: from n/a through 2.4.3.

6.5CVSS

9.1AI Score

0.0004EPSS

2024-03-27 12:15 PM

cve

CVE-2024-32782

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HasThemes HT Mega.This issue affects HT Mega: from n/a through 2.4.7.

4.3CVSS

6.7AI Score

0.0004EPSS

2024-04-24 08:15 AM

cve

CVE-2024-35699

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HasThemes HT Feed allows Stored XSS.This issue affects HT Feed: from n/a through 1.2.8.

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-08 03:15 PM

cve

CVE-2024-38706

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in HasThemes HT Mega allows Path Traversal.This issue affects HT Mega: from n/a through 2.5.7.

6.5CVSS

6.5AI Score

0.0004EPSS

2024-07-12 02:15 PM