Known Vulnerabilities for products from ThemeHunk
Listed below are 12 of the newest known vulnerabilities associated with the vendor "ThemeHunk".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-32532 json | Not Provided | 2026-03-25 | 2026-03-25 | |
| CVE-2026-25438 json | Not Provided | 2026-03-19 | 2026-04-01 | |
| CVE-2025-69344 json | Not Provided | 2026-01-07 | 2026-04-01 | |
| CVE-2025-62902 json | Not Provided | 2025-10-27 | 2026-04-01 | |
| CVE-2025-52816 json | Not Provided | 2025-06-27 | 2026-04-01 | |
| CVE-2025-30990 json | Missing Authorization vulnerability in ThemeHunk ThemeHunk themehunk-megamenu-plus allows Exploiting Incorrectly Configured A... | Not Provided | 2025-06-06 | 2026-04-01 |
| CVE-2025-30881 json | Missing Authorization vulnerability in themehunk Big Store big-store allows Exploiting Incorrectly Configured Access Control ... | Not Provided | 2025-03-27 | 2026-04-01 |
| CVE-2025-22644 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeHunk Vayu Blocks �... | Not Provided | 2025-03-27 | 2026-04-01 |
| CVE-2024-54369 json | Not Provided | 2024-12-16 | 2026-04-01 | |
| CVE-2024-44049 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeHunk Gutenberg Blo... | Not Provided | 2024-09-17 | 2026-04-01 |
| CVE-2023-27431 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2023-11-12 | 2023-11-17 |
| CVE-2022-23180 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 4.3 - MEDIUM | 2024-01-16 | 2024-01-24 |
| CVE-2022-23179 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 4.8 - MEDIUM | 2024-01-16 | 2024-01-23 |
| CVE-2022-2405 json | The WP Popup Builder WordPress plugin before 1.2.9 does not have authorisation and CSRF check in an AJAX action, allowing any... | 4.3 - MEDIUM | 2022-09-26 | 2023-06-30 |
| CVE-2022-2404 json | The WP Popup Builder WordPress plugin before 1.2.9 does not sanitise and escape a parameter before outputting it back in the ... | 6.1 - MEDIUM | 2022-09-26 | 2022-10-29 |
| CVE-2021-24967 json | The Contact Form & Lead Form Elementor Builder WordPress plugin before 1.6.4 does not sanitise and escape some lead values, w... | 6.1 - MEDIUM | 2021-12-27 | 2022-01-06 |