CVE-2023-51529 WordPress HT Mega Plugin <= 2.3.3 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in HasThemes HT Mega – Absolute Addons For Elementor.This issue affects HT Mega – Absolute Addons For Elementor: from n/a through 2.3.3...

CVE-2023-51529

CVE-2023-51529 is a Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Mega – Absolute Addons For Elementor, affecting HT Mega – Absolute Addons For Elementor versions up to 2.3.3. The issue enables unauthorized actions to be performed on behalf of an authenticated user, as indicated...

CVE-2023-50901

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HasThemes HT Mega – Absolute Addons For Elementor allows Reflected XSS.This issue affects HT Mega – Absolute Addons For Elementor: from n/a through 2.3.8...

CVE-2023-50901

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HasThemes HT Mega – Absolute Addons For Elementor allows Reflected XSS.This issue affects HT Mega – Absolute Addons For Elementor: from n/a through 2.3.8...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HasThemes HT Mega – Absolute Addons For Elementor allows Reflected XSS.This issue affects HT Mega – Absolute Addons For Elementor: from n/a through 2.3.8...

CVE-2023-50901

CVE-2023-50901 describes a reflected XSS in HasThemes HT Mega – Absolute Addons For Elementor, affecting HT Mega for Elementor versions up to 2.3.8. The root cause is improper neutralization of user input during web page generation. Impact is cross-site scripting on pages that incorporate the vul...

WordPress HT Mega Absolute Addons for Elementor Cross-Site Scripting Vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A security vulnerability exists in WordPress HT Mega...

CVE-2021-24261

CVE-2021-24261 affects WordPress HT Mega – Absolute Addons for Elementor Page Builder prior to 1.5.7 . Public sources describe stored XSS in multiple widgets (for example, htmega_call_to_action, htmega_section_title, htmega_accordion, and related fields) that can be exploited by lower-privileged ...

HT Mega - Absolute Addons for Elementor Page Builder < 1.5.7 - Contributor+ Stored XSS

The “HT Mega – Absolute Addons for Elementor Page Builder” WordPress Plugin before 1.5.7 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method. The “htmegacalltoaction” widget accepts a...