Hashthemes Hash Form – Drag & Drop Form Builder
4 CVEs affecting Hashthemes Hash Form – Drag & Drop Form Builder. Latest disclosed: 2024-12-12. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-5084 | Critical | 9.8 | 2024-05-23 | The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'file_upload_a… |
CVE-2024-5085 | High | 8.1 | 2024-05-23 | The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.0 via deserializa… |
CVE-2024-9417 | Medium | 6.1 | 2024-10-05 | The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to limited file uploads due to a misconfigured file type validation in the 'handleU… |
CVE-2024-12201 | Medium | 4.3 | 2024-12-12 | The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to unauthorized access due to a missing capability check when creating form styles… |