Known Vulnerabilities for products from HasThemes
Listed below are 11 of the newest known vulnerabilities associated with the vendor "HasThemes".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-58990 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems ShopLentor woo... | Not Provided | 2025-09-09 | 2026-04-01 |
| CVE-2025-26917 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes WP Templata w... | Not Provided | 2025-03-03 | 2026-04-01 |
| CVE-2025-24695 | Server-Side Request Forgery (SSRF) vulnerability in HT Plugins Extensions For CF7 extensions-for-cf7 allows Server Side Reque... | Not Provided | 2025-01-24 | 2026-04-01 |
| CVE-2025-22801 | Not Provided | 2025-01-09 | 2026-04-01 | |
| CVE-2024-51682 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HT Builder �... | Not Provided | 2024-11-04 | 2026-04-01 |
| CVE-2024-51673 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems HT Politic wp-... | Not Provided | 2024-11-09 | 2026-04-01 |
| CVE-2024-49630 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems WP Education w... | Not Provided | 2024-10-20 | 2026-04-01 |
| CVE-2024-38706 | Path Traversal: '.../...//' vulnerability in DevItems HT Mega ht-mega-for-elementor.This issue affects HT Mega: from n/a thro... | Not Provided | 2024-07-12 | 2026-04-01 |
| CVE-2024-32782 | Insertion of Sensitive Information Into Sent Data vulnerability in DevItems HT Mega ht-mega-for-elementor.This issue affects ... | Not Provided | 2024-04-24 | 2026-04-01 |
| CVE-2024-30182 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems HT Mega ht-meg... | Not Provided | 2024-03-27 | 2026-04-01 |
| CVE-2021-24262 | The “WooLentor – WooCommerce Elementor Addons + Builder” WordPress Plugin before 1.8.6 has a widget that is vulnerable ... | 5.4 - MEDIUM | 2021-05-05 | 2021-05-11 |
| CVE-2021-24261 | The “HT Mega – Absolute Addons for Elementor Page Builder” WordPress Plugin before 1.5.7 has several widgets that are v... | 5.4 - MEDIUM | 2021-05-05 | 2021-05-11 |