Hash Elements@* Security Vulnerabilities and Issues — Hash Elements@* CVE List

Lucene search

HashthemesHash Elements*

4 matches found

CVE•added 2024/11/13 4:15 a.m.•65 views

CVE-2024-10802

The Hash Elements plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hash_elements_get_posts_title_by_id() function in all versions up to, and including, 1.4.7. This makes it possible for unauthenticated attackers to retrieve draft post titles...

5.3CVSS5.1AI score0.00201EPSS

CVE•added 2024/05/23 6:15 a.m.•65 views

CVE-2024-5177

The Hash Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' parameter within multiple widgets in all versions up to, and including, 1.3.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenti...

6.4CVSS5.9AI score0.0026EPSS

CVE•added 2024/03/29 2:15 p.m.•55 views

CVE-2024-30426

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HashThemes Hash Elements allows Stored XSS.This issue affects Hash Elements: from n/a through 1.3.3.

6.5CVSS6.7AI score0.0012EPSS

CVE•added 2025/01/07 5:15 p.m.•52 views

CVE-2025-22296

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HashThemes Hash Elements.This issue affects Hash Elements: from n/a through 1.4.9.

6.5CVSS6.5AI score0.00044EPSS