Shodan
Vulnerabilities
Vulnerable Software
Hasthemes:  Security Vulnerabilities
CVE-2023-1089
The Coupon Zen WordPress plugin before 1.0.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
CVSS Score
4.3
EPSS Score
0.001
Published
2023-03-27
CVE-2023-0484
The Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks WordPress plugin before 1.1.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
CVSS Score
4.3
EPSS Score
0.001
Published
2023-03-27
CVE-2023-0495
The HT Slider For Elementor WordPress plugin before 1.4.0 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
CVSS Score
4.3
EPSS Score
0.001
Published
2023-03-27
CVE-2023-0496
The HT Event WordPress plugin before 1.4.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
CVSS Score
4.3
EPSS Score
0.001
Published
2023-03-27
CVE-2023-0497
The HT Portfolio WordPress plugin before 1.1.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
CVSS Score
4.3
EPSS Score
0.001
Published
2023-03-27
CVE-2023-0498
The WP Education WordPress plugin before 1.2.7 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
CVSS Score
4.3
EPSS Score
0.001
Published
2023-03-27
CVE-2023-0499
The QuickSwish WordPress plugin before 1.1.0 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
CVSS Score
4.3
EPSS Score
0.001
Published
2023-03-27
CVE-2023-0500
The WP Film Studio WordPress plugin before 1.3.5 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
CVSS Score
6.5
EPSS Score
0.001
Published
2023-03-27
CVE-2023-0501
The WP Insurance WordPress plugin before 2.1.4 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
CVSS Score
6.5
EPSS Score
0.001
Published
2023-03-27
CVE-2023-0502
The WP News WordPress plugin through 1.1.9 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
CVSS Score
6.5
EPSS Score
0.001
Published
2023-03-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved