ByteOS Network

WishSuite

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

3Vulnerabilities found

CVE-2025-30820

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-7.5||HIGH

EPSS-0.21% / 43.76%

7 Day CHG-0.01%

Published-27 Mar, 2025 | 10:55

Updated-27 Mar, 2025 | 18:56

WordPress WishSuite plugin <= 1.4.4 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in HT Plugins WishSuite allows PHP Local File Inclusion. This issue affects WishSuite: from n/a through 1.4.4.

Vendor-HasTech IT Limited (HasThemes)

Product-WishSuite

CWE ID-CWE-98

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

CVE-2024-29927

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-6.5||MEDIUM

EPSS-0.18% / 39.68%

7 Day CHG~0.00%

Published-27 Mar, 2024 | 07:28

Updated-02 Aug, 2024 | 14:29

WordPress WishSuite plugin <= 1.3.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasTheme WishSuite allows Stored XSS.This issue affects WishSuite: from n/a through 1.3.7.

Vendor-HasTech IT Limited (HasThemes)

Product-WishSuite

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2023-23731

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-4.3||MEDIUM

EPSS-0.07% / 21.99%

7 Day CHG~0.00%

Published-11 Jul, 2023 | 07:01

Updated-08 Oct, 2024 | 13:36

WordPress WishSuite Plugin <= 1.3.3 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in HasTheme WishSuite plugin <= 1.3.3 versions.

Vendor-HasTech IT Limited (HasThemes)

Product-wishsuite WishSuite

CWE ID-CWE-352

Cross-Site Request Forgery (CSRF)