Known Vulnerabilities for products from Hasthemes
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Hasthemes".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-68533 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes WC Builder wc... | Not Provided | 2025-12-24 | 2026-04-23 |
| CVE-2025-64271 json | Cross-Site Request Forgery (CSRF) vulnerability in HasThemes WP Plugin Manager wp-plugin-manager allows Cross Site Request Fo... | Not Provided | 2025-11-13 | 2026-04-23 |
| CVE-2025-58990 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems ShopLentor woo... | Not Provided | 2025-09-09 | 2026-04-23 |
| CVE-2025-26917 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes WP Templata w... | Not Provided | 2025-03-03 | 2026-04-01 |
| CVE-2025-24695 json | Server-Side Request Forgery (SSRF) vulnerability in HT Plugins Extensions For CF7 extensions-for-cf7 allows Server Side Reque... | Not Provided | 2025-01-24 | 2026-04-23 |
| CVE-2025-22801 json | Not Provided | 2025-01-09 | 2026-04-23 | |
| CVE-2025-7360 json | The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder plugin for WordPress is vulnerable to... | Not Provided | 2025-07-15 | 2026-04-08 |
| CVE-2025-7341 json | The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder plugin for WordPress is vulnerable to... | Not Provided | 2025-07-15 | 2026-04-08 |
| CVE-2025-7340 json | The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder plugin for WordPress is vulnerable to... | Not Provided | 2025-07-15 | 2026-04-08 |
| CVE-2024-51682 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HT Builder �... | Not Provided | 2024-11-04 | 2026-04-23 |
| CVE-2024-51673 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems HT Politic wp-... | Not Provided | 2024-11-09 | 2026-04-23 |
| CVE-2024-49630 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems WP Education w... | Not Provided | 2024-10-20 | 2026-04-23 |
| CVE-2024-38706 json | Path Traversal: '.../...//' vulnerability in DevItems HT Mega ht-mega-for-elementor.This issue affects HT Mega: from n/a thro... | Not Provided | 2024-07-12 | 2026-04-23 |
| CVE-2024-32782 json | Insertion of Sensitive Information Into Sent Data vulnerability in DevItems HT Mega ht-mega-for-elementor.This issue affects ... | Not Provided | 2024-04-24 | 2026-04-23 |
| CVE-2024-30182 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems HT Mega ht-meg... | Not Provided | 2024-03-27 | 2026-04-23 |
| CVE-2024-12599 json | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugi... | Not Provided | 2025-02-11 | 2026-04-08 |
| CVE-2024-5530 json | The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plu... | Not Provided | 2024-06-11 | 2026-04-08 |
| CVE-2024-5215 json | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple ... | Not Provided | 2024-06-26 | 2026-04-08 |
| CVE-2024-5173 json | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Video... | Not Provided | 2024-06-26 | 2026-04-08 |
| CVE-2024-4876 json | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘po... | Not Provided | 2024-05-21 | 2026-04-08 |