VYPR
Vendor

AHAthat

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2024-11269HigMay 15, 2025
    risk 0.47cvss 7.2epss 0.00

    The AHAthat Plugin WordPress plugin through 1.6 does not sanitize and escape a parameter before using it in a SQL statement, allowing Admin to perform SQL injection attacks.

  • CVE-2024-12595MedJan 2, 2025
    risk 0.31cvss 4.7epss 0.00

    The AHAthat Plugin WordPress plugin through 1.6 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers