Lucene search
K

65 matches found

Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.2 views

PT-2025-27158 · Wpbakery · Ht Mega – Absolute Addons

Name of the Vulnerable Software and Affected Versions: HT Mega – Absolute Addons for WPBakery Page Builder versions 1.0.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This...

6.5CVSS6.6AI score0.00204EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:28 a.m.4 views

CVE-2024-43267

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Qamar Sheeraz, Nasir Ahmad, GenialSouls Mega Addons For Elementor allows Stored XSS.This issue affects Mega Addons For Elementor: from n/a through 1.9...

6.5CVSS6.8AI score0.00239EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 10:16 a.m.8 views

CVE-2024-32515

Missing Authorization vulnerability in Qamar Sheeraz, Nasir Ahmad Mega Addons For Elementor.This issue affects Mega Addons For Elementor: from n/a through 1.8...

5.4CVSS5.2AI score0.00387EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:23 a.m.5 views

CVE-2024-5215

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.1AI score0.00406EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:54 a.m.23 views

CVE-2023-0268

The Mega Addons For WPBakery Page Builder WordPress plugin before 4.3.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

5.4CVSS5.8AI score0.00444EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:31 p.m.7 views

CVE-2021-24261

The “HT Mega – Absolute Addons for Elementor Page Builder” WordPress Plugin before 1.5.7 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...

5.4CVSS5.8AI score0.00663EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:14 p.m.15 views

CVE-2022-4501

The Mega Addons plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the vcsavingdata function in versions up to, and including, 4.3.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to update the plugin'...

7.1CVSS6.6AI score0.00692EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/08/18 10:15 p.m.7 views

CVE-2024-43267

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Qamar Sheeraz, Nasir Ahmad, GenialSouls Mega Addons For Elementor allows Stored XSS.This issue affects Mega Addons For Elementor: from n/a through 1.9...

6.5CVSS5.2AI score0.00239EPSS
Exploits0References2
NVD
NVD
added 2024/08/18 10:15 p.m.9 views

CVE-2024-43267

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Qamar Sheeraz, Nasir Ahmad, GenialSouls Mega Addons For Elementor allows Stored XSS.This issue affects Mega Addons For Elementor: from n/a through 1.9...

6.5CVSS0.00239EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/18 9:19 p.m.7 views

CVE-2024-43267 WordPress Mega Addons For Elementor plugin <= 1.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Qamar Sheeraz, Nasir Ahmad, GenialSouls Mega Addons For Elementor allows Stored XSS.This issue affects Mega Addons For Elementor: from n/a through 1.9...

6.5CVSS6.8AI score0.00239EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/18 9:19 p.m.11 views

CVE-2024-43267 WordPress Mega Addons For Elementor plugin <= 1.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Qamar Sheeraz, Nasir Ahmad, GenialSouls Mega Addons For Elementor allows Stored XSS.This issue affects Mega Addons For Elementor: from n/a through 1.9...

6.5CVSS0.00239EPSS
Exploits0References1
CVE
CVE
added 2024/08/18 9:19 p.m.40 views

CVE-2024-43267

CVE-2024-43267 (Mega Addons For Elementor) is a Stored XSS via improper input neutralization in Mega Addons For Elementor (elementor addon) affecting versions from n/a through 1.9. The description in the CVE notes the vulnerability type and affected range. Connected sources corroborate an XSS cla...

6.5CVSS6.5AI score0.00239EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/18 12:0 a.m.3 views

WordPress plugin Mega Addons For Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS6.1AI score0.00239EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/08/12 2:9 p.m.3 views

WordPress Mega Addons For Elementor plugin <= 1.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Mega Addons For Elementor versions = 1.9...

6.5CVSS6.1AI score0.00239EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/05/14 3:42 p.m.3 views

CVE-2024-3989

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Gallery Justify Widget in all versions up to, and including, 2.5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

5.4CVSS5.9AI score0.0034EPSS
Exploits0References2
OSV
OSV
added 2024/05/02 5:15 p.m.4 views

CVE-2023-6214

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.6 via the purchasedproducts function. This makes it possible for unauthenticatied attackers to extract sensitive data including the previous 7...

7.5CVSS5.8AI score0.00614EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.5 views

PT-2024-25112 · WordPress · Ht Mega – Absolute Addons For Elementor

Name of the Vulnerable Software and Affected Versions: HT Mega – Absolute Addons For Elementor plugin for WordPress versions up to, and including, 2.4.9 Description: The issue is related to Stored Cross-Site Scripting via the Image Grid widget's attributes due to insufficient input sanitization a...

6.4CVSS5.9AI score0.00423EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/04/17 7:41 a.m.31 views

CVE-2024-32515 WordPress Mega Addons For Elementor plugin <= 1.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Qamar Sheeraz, Nasir Ahmad Mega Addons For Elementor.This issue affects Mega Addons For Elementor: from n/a through 1.8...

5.4CVSS5.8AI score0.00387EPSS
Exploits0References1
CVE
CVE
added 2024/04/17 7:41 a.m.72 views

CVE-2024-32515

Technical details for CVE-2024-32515 are not publicly available in the provided connected documents. Based on the supplied data, we cannot confirm affected versions, root cause, impact, or fixes. Monitor for official advisories or vendor security notices for updates.

5.4CVSS5.2AI score0.00387EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/17 12:0 a.m.4 views

WordPress Plugin Mega Addons For Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

5.4CVSS6.5AI score0.00387EPSS
Exploits0References2
Rows per page
Query Builder