Lucene search
K

6 matches found

Circl
Circl
added 2024/04/11 8:15 a.m.5 views

CVE-2024-1974

creationtimestamp| type| source ---|---|--- 2024-04-11 08:15:07+00:00| seen| https://t.me/arpsyndicate/4477...

8.8CVSS8.7AI score0.01214EPSS
Exploits0References1
NVD
NVD
added 2024/04/09 7:15 p.m.32 views

CVE-2024-1974

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.6 via the render function. This makes it possible for authenticated attackers, with contributor access or higher, to read the contents of arbitrary files...

8.8CVSS8.4AI score0.01214EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/04/09 6:58 p.m.16 views

CVE-2024-1974 HT Mega – Absolute Addons For Elementor <= 2.4.5 - Authenticated (Contributor+) Directory Traversal

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.6 via the render function. This makes it possible for authenticated attackers, with contributor access or higher, to read the contents of arbitrary files...

8.8CVSS7.3AI score0.01214EPSS
Exploits0References3
CVE
CVE
added 2024/04/09 6:58 p.m.74 views

CVE-2024-1974

CVE-2024-1974 : The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Directory Traversal in render() in versions up to 2.4.6. Authenticated attackers with contributor+ access can read arbitrary server files. The issue is documented by Wordfence and Red Hat; a fix is a...

8.8CVSS9AI score0.01214EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/04/09 6:58 p.m.30 views

CVE-2024-1974 HT Mega – Absolute Addons For Elementor <= 2.4.5 - Authenticated (Contributor+) Directory Traversal

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.6 via the render function. This makes it possible for authenticated attackers, with contributor access or higher, to read the contents of arbitrary files...

8.8CVSS8.9AI score0.01214EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/03/14 12:0 a.m.11 views

WordPress HT Mega Plugin <= 2.4.6 is vulnerable to Directory Traversal

Software HT Mega Type Plugin Vulnerable versions = 2.4.6 Fixed in 2.4.7 OWASP Top 10 A5: Broken Access Control Classification Directory Traversal CVE CVE-2024-1974 Patch priority Low CVSS severity Low 7.7 Developer HTMega PSID 6d7e2f2731f2 Credits Webbernaut Required privilege Contributor Publish...

8.8CVSS6.9AI score0.01214EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder