Vulnerabilidades em themehunk
32 resultadosCVE-2024-9061HIGHWP Popup Builder – Popup Forms and Marketing Lead Generation <= 1.3.5 - Unauthenticated Arbitrary Shortcode Execution via wp_ajax_nopriv_shortcode_Api_AddEPSS 51.3%CVE-2024-10124CRITICALVayu Blocks – Gutenberg Blocks for WordPress & WooCommerce <= 1.1.1 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation/ActivationEPSS 31.2%CVE-2024-9707CRITICALHunk Companion <= 1.8.4 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation/ActivationEPSS 9.1%CVE-2024-10674HIGHTh Shop Mania <= 1.4.9 - Authenticated (Subscriber+) Arbitrary Plugin Installation/ActivationEPSS 1.7%CVE-2024-54369CRITICALWordPress Zita Site Builder plugin <= 1.0.2 - Arbitrary Plugin Installation and Activation vulnerabilityEPSS 1.5%CVE-2024-10673HIGHTop Store <= 1.5.4 - Authenticated (Subscriber+) Arbitrary Plugin Installation/ActivationEPSS 1.1%CVE-2022-38057MEDIUMWordPress TH Advance Product Search plugin <= 1.2.1 - Unauthenticated Plugin Settings Reset vulnerabilityEPSS 0.6%CVE-2022-40218MEDIUMWordPress TH Advance Product Search plugin <= 1.1.4 - Unauthenticated Plugin Settings Change vulnerabilityEPSS 0.5%CVE-2025-52816HIGHWordPress Zita theme <= 1.6.5 - Local File Inclusion VulnerabilityEPSS 0.4%CVE-2025-68046MEDIUMWordPress Contact Form & Lead Form Elementor Builder plugin <= 2.0.1 - Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2024-8434MEDIUMEasy Mega Menu Plugin for WordPress – ThemeHunk <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Settings UpdatesEPSS 0.3%CVE-2024-8433MEDIUMEasy Mega Menu Plugin for WordPress – ThemeHunk <= 1.1.0 - Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2024-4261MEDIUMResponsive Contact Form Builder & Lead Generation Plugin <= 1.9.1 - Authenticated (Subscriber+) Arbitrary Shortcode ExecutionEPSS 0.3%CVE-2025-2568MEDIUMVayu Blocks – Gutenberg Blocks for WordPress & WooCommerce 1.0.4 - 1.2.1 - Missing Authorization to Unauthenticated Limited Arbitrary Options UpdateEPSS 0.3%CVE-2023-27431MEDIUMWordPress Big Store Theme <= 1.9.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2025-30881MEDIUMWordPress Big Store theme <= 2.0.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-1416MEDIUMResponsive Contact Form Builder & Lead Generation Plugin <= 1.8.9 - Missing AuthorizationEPSS 0.3%CVE-2024-1415MEDIUMResponsive Contact Form Builder & Lead Generation Plugin <= 1.8.9 - Cross-Site Request ForgeryEPSS 0.3%CVE-2025-62902MEDIUMWordPress WP Popup Builder plugin <= 1.3.8 - Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2024-44049MEDIUMWordPress Gutenberg Blocks – Unlimited blocks For Gutenberg plugin <= 1.2.8 - Authenticated Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%