Shodan
Vulnerabilities
Vulnerable Software
Hasthemes:  Security Vulnerabilities
CVE-2023-23804
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Feed plugin <= 1.2.7 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-07-10
CVE-2023-23802
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Easy GA4 ( Google Analytics 4 ) plugin <= 1.0.6 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-06-15
CVE-2023-23801
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Really Simple Google Tag Manager plugin <= 1.0.6 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-04-06
CVE-2023-0504
The HT Politic WordPress plugin before 2.3.8 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
CVSS Score
4.3
EPSS Score
0.001
Published
2023-03-27
CVE-2023-0505
The Ever Compare WordPress plugin through 1.2.3 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
CVSS Score
4.3
EPSS Score
0.001
Published
2023-03-27
CVE-2023-1086
The Preview Link Generator WordPress plugin before 1.0.4 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
CVSS Score
4.3
EPSS Score
0.008
Published
2023-03-27
CVE-2023-1087
The WC Sales Notification WordPress plugin before 1.2.3 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
CVSS Score
4.3
EPSS Score
0.001
Published
2023-03-27
CVE-2023-1088
The WP Plugin Manager WordPress plugin before 1.1.8 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
CVSS Score
4.3
EPSS Score
0.001
Published
2023-03-27
CVE-2023-1089
The Coupon Zen WordPress plugin before 1.0.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
CVSS Score
4.3
EPSS Score
0.001
Published
2023-03-27
CVE-2023-0484
The Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks WordPress plugin before 1.1.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
CVSS Score
4.3
EPSS Score
0.001
Published
2023-03-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved