Browse all 3 CVE security advisories affecting HasTheme. AI-powered Chinese analysis, POCs, and references for each vulnerability.
HasTheme is a WordPress theme provider offering customizable templates for websites. Historically, its products have been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities, as evidenced by three recorded CVEs. These weaknesses often stem from insufficient input validation and improper permission checks. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests a need for improved security practices in theme development and regular updates. Users should implement proper access controls and maintain current versions to mitigate potential risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-29927 | WordPress WishSuite plugin <= 1.3.7 - Cross Site Scripting (XSS) vulnerability — WishSuiteCWE-79 | 6.5 | Medium | 2024-03-27 |
| CVE-2023-32962 | WordPress WishSuite Plugin <= 1.3.4 is vulnerable to Cross Site Scripting (XSS) — WishSuite – Wishlist for WooCommerceCWE-79 | 5.9 | Medium | 2023-08-30 |
| CVE-2023-23731 | WordPress WishSuite Plugin <= 1.3.3 is vulnerable to Cross Site Request Forgery (CSRF) — WishSuiteCWE-352 | 4.3 | Medium | 2023-07-11 |
This page lists every published CVE security advisory associated with HasTheme. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.