Hasthemes Wp Education — known CVE vulnerabilities
Every CVE whose affected-product data names Hasthemes Wp Education, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2024-49630 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems WP Education wp-education…
CVE-2023-0498 — CVSS 4.3 (medium): The WP Education WordPress plugin before 1.2.7 does not have CSRF check when activating plugins, which could allow attackers to make logged…