CVE-2026-24618
- EPSS 0.18%
- Veröffentlicht 12.06.2026 20:46:18
- Zuletzt bearbeitet 15.06.2026 20:42:32
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in HashThemes Hash Elements allows Retrieve Embedded Sensitive Data. This issue affects Hash Elements: from n/a through 1.5.4.
CVE-2025-22296
- EPSS 0.24%
- Veröffentlicht 07.01.2025 17:15:32
- Zuletzt bearbeitet 23.04.2026 15:22:57
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hashthemes Hash Elements hash-elements.This issue affects Hash Elements: from n/a through <= 1.5.0.
CVE-2024-10802
- EPSS 0.61%
- Veröffentlicht 13.11.2024 04:15:04
- Zuletzt bearbeitet 05.06.2025 17:00:18
The Hash Elements plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hash_elements_get_posts_title_by_id() function in all versions up to, and including, 1.4.7. This makes it possible for unauth...
CVE-2024-5177
- EPSS 0.31%
- Veröffentlicht 23.05.2024 06:15:11
- Zuletzt bearbeitet 08.04.2026 18:21:59
The Hash Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' parameter within multiple widgets in all versions up to, and including, 1.3.8 due to insufficient input sanitization and output escaping on user supplie...
CVE-2024-30426
- EPSS 0.35%
- Veröffentlicht 29.03.2024 14:15:09
- Zuletzt bearbeitet 28.04.2026 19:23:59
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HashThemes Hash Elements allows Stored XSS.This issue affects Hash Elements: from n/a through 1.3.3.