Skip to content
Features
Pricing
Solutions
Status
API Details
CLI Scanner
Vulnerabilities
Themes
WordPress
Plugins
Stats
Submit Vulnerabilities
Leaderboard
Resources
Blog
Enterprise Features
How to Install WPScan
WPScan Glossary
2024 Website Threat Report
Search
WordPress Theme Vulnerabilities
Show Previous Letters
0-9
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
Show Next Letters
Slug
Published
Title
Slug
houzez
Published
2025-07-01
Title
Houzez < 4.0.8 - Unauthenticated Local File Inclusion
Slug
houzez
Published
2025-07-16
Title
Houzez < 4.1.1 - Missing Authorization
Slug
houzez
Published
2025-08-20
Title
Houzez < 4.1.4 - Missing Authorization
Slug
houzez
Published
2025-08-27
Title
Houzez < 4.1.4 - Reflected Cross-Site Scripting
Slug
houzez
Published
2025-08-27
Title
Houzez < 4.1.4 - Unauthenticated Local File Inclusion
Slug
houzez
Published
2025-10-16
Title
Houzez < 4.2.0 - Unauthenticated Local File Inclusion
Slug
houzez
Published
2025-11-26
Title
Houzez < 4.1.7 - Authenticated (Subscriber+) PHP Object Injection via Saved Search
Slug
houzez
Published
2025-11-26
Title
Houzez < 4.1.7 - Unauthenticated Stored Cross-Site Scripting via SVG File Upload
Slug
houzez
Published
2025-07-11
Title
Houzez <= 4.2.5 - Subscriber+ Insecure Direct Object Reference
Slug
hoverex
Published
2026-03-03
Title
Hoverex | Cryptocurrency & ICO Elementor Template Kit <= 1.5.10 - Unauthenticated Local File Inclusion
Slug
hub
Published
2025-08-27
Title
LiquidThemes Themes <= Various Versions - Missing Authorization to Authenticated (Subscriber+) All Plugins Deactivated
Slug
hueman
Published
2020-09-16
Title
Multiple Plugins/Themes - Cross-Site Request Forgery (CSRF)
Slug
hueman
Published
2020-09-26
Title
Hueman < 3.6.4 - Arbitrary Settings Update via CSRF
Slug
hueman
Published
2024-06-18
Title
Hueman < 3.7.25 - Cross-Site Request Forgery to Notice Dismissal
Slug
hugo-wp
Published
2024-04-26
Title
ColibriWP Theme framework - Various Versions and Themes - Missing Authorization
Slug
humanum
Published
2026-03-02
Title
Humanum <= 1.1.4 - Unauthenticated Local File Inclusion
Slug
hybrid
Published
2011-09-27
Title
Hybrid < 0.10 - XSS
Slug
hydro
Published
2025-06-18
Title
HYDRO <= 2.8 - Reflected Cross-Site Scripting
Slug
hygia
Published
2025-09-02
Title
Hygia <= 1.16 - Unauthenticated Local File Inclusion
Slug
hyori
Published
2025-12-30
Title
Hyori <= 1.3.6 - Unauthenticated Local File Inclusion
Slug
hypnotherapy
Published
2026-03-05
Title
Hypnotherapy - Psychologist Theme <= 1.2.10 - Unauthenticated Local File Inclusion
Previous
1
2
3
4
Next
Subscribe
Subscribed
WPScan
Join 30,892 other subscribers
Sign me up
Already have a WordPress.com account?
Log in now.
WPScan
Subscribe
Subscribed
Sign up
Log in
Report this content
View site in Reader
Manage subscriptions
Collapse this bar
WPScan 