| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-6370 | WordPress Mini Ajax Cart for WooCommerce plugin <= 1.3.4 - Cross Site Scripting (XSS) vulnerability | HashThemes | Mini Ajax Cart for WooCommerce | Medium | 5.9 | 2026-04-15 16:02:15 | Deep Dive |
| CVE-2025-9045 | Easy Elementor Addons <= 2.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting | hashthemes | Easy Elementor Addons – Addons Pack for Elementor Page Builder | Medium | 6.4 | 2025-10-03 11:17:07 | Deep Dive |
| CVE-2025-58973 | WordPress Easy Elementor Addons Plugin <= 2.2.8 - Local File Inclusion Vulnerability | hashthemes | Easy Elementor Addons | High | 7.5 | 2025-09-22 18:26:09 | Deep Dive |
| CVE-2025-59561 | WordPress Smart Blocks Plugin <= 2.4 - Broken Access Control Vulnerability | hashthemes | Smart Blocks | Medium | 4.3 | 2025-09-22 18:26:03 | Deep Dive |
| CVE-2025-54712 | WordPress Easy Elementor Addons Plugin <= 2.2.7 - Broken Access Control Vulnerability | hashthemes | Easy Elementor Addons | Medium | 4.3 | 2025-08-14 18:21:47 | Deep Dive |
| CVE-2025-54704 | WordPress Easy Elementor Addons plugin <= 2.2.6 - Cross Site Scripting (XSS) Vulnerability | hashthemes | Easy Elementor Addons | Medium | 6.5 | 2025-08-14 10:34:58 | Deep Dive |
| CVE-2025-48295 | WordPress Easy Elementor Addons plugin <= 2.2.5 - Cross Site Scripting (XSS) Vulnerability | hashthemes | Easy Elementor Addons | Medium | 6.5 | 2025-07-16 10:36:54 | Deep Dive |
| CVE-2025-47468 | WordPress Hash Form plugin <= 1.2.8 - Cross Site Request Forgery (CSRF) Vulnerability | hashthemes | Hash Form | Medium | 4.3 | 2025-05-07 14:19:43 | Deep Dive |
| CVE-2025-26912 | WordPress Easy Elementor Addons plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability | hashthemes | Easy Elementor Addons | Medium | 6.5 | 2025-02-25 14:17:54 | Deep Dive |
| CVE-2025-26761 | WordPress Easy Elementor Addons plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerability | hashthemes | Easy Elementor Addons | Medium | 6.5 | 2025-02-16 22:17:18 | Deep Dive |
| CVE-2025-22296 | WordPress Hash Elements plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability | hashthemes | Hash Elements | Medium | 6.5 | 2025-01-07 16:56:30 | Deep Dive |
| CVE-2023-27456 | WordPress Total theme <= 2.1.19 - Authenticated Arbitrary Plugin Activation | hashthemes | Total | Medium | 4.3 | 2024-12-13 14:23:20 | Deep Dive |
| CVE-2023-28990 | WordPress Viral Mag theme <= 1.0.9 - Authenticated Arbitrary Plugin Activation Vulnerability | hashthemes | Viral Mag | Medium | 4.3 | 2024-12-13 14:23:20 | Deep Dive |
| CVE-2024-12201 | Hash Form <= 1.2.1 - Missing Authorization to Authenticated (Contributor+) Form Style Creation | hashthemes | Hash Form – Drag & Drop Form Builder | Medium | 4.3 | 2024-12-12 06:46:34 | Deep Dive |
| CVE-2023-30486 | WordPress Square theme <= 2.0.0 - Broken Access Control | hashthemes | Square | Medium | 4.3 | 2024-12-09 11:31:05 | Deep Dive |
| CVE-2024-10802 | Hash Elements <= 1.4.7 - Missing Authorization to Unauthenticated Draft Post Title Exposure | hashthemes | Hash Elements | Medium | 5.3 | 2024-11-13 03:20:06 | Deep Dive |
| CVE-2024-49270 | WordPress Smart Blocks plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability | hashthemes | Smart Blocks | Medium | 6.5 | 2024-10-16 13:50:00 | Deep Dive |
| CVE-2024-9417 | Hash Form - Drag & Drop Form Builder <= 1.1.9 - Unauthenticated Limited File Upload | hashthemes | Hash Form – Drag & Drop Form Builder | Medium | 6.1 | 2024-10-05 09:39:23 | Deep Dive |
| CVE-2024-5084 | Hash Form – Drag & Drop Form Builder <= 1.1.0 - Unauthenticated Arbitrary File Upload to Remote Code Execution | hashthemes | Hash Form – Drag & Drop Form Builder | Critical | 9.8 | 2024-05-23 14:31:39 | Deep Dive |
| CVE-2024-5085 | Hash Form – Drag & Drop Form Builder <= 1.1.0 - Unauthenticated PHP Object Injection | hashthemes | Hash Form – Drag & Drop Form Builder | High | 8.1 | 2024-05-23 14:31:38 | Deep Dive |