Every CVE whose affected-product data names Hashthemes Hash Form, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2024-5084 — CVSS 9.8 (critical): The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation…
CVE-2024-5085 — CVSS 8.1 (high): The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including…
CVE-2024-9417 — CVSS 6.1 (medium): The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to limited file uploads due to a misconfigured file type…
CVE-2024-12201 — CVSS 4.3 (medium): The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to unauthorized access due to a missing capability check when…