3 matches found
CVE-2024-3307
creationtimestamp| type| source ---|---|--- 2025-03-08 02:35:31+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6918 2025-03-08 04:36:11+00:00| seen| Telegram/TaaJJZlZWtYrcHaof2QpsrmrvKMj9GTwwjIv0zdB5nPTaa 2025-03-08 05:09:24+00:00| seen| https://t.me/cvedetector/19872...
CVE-2024-3307
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown widget's attributes in all versions up to, and including, 2.4.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
WordPress HT Mega Plugin <= 2.4.9 is vulnerable to Cross Site Scripting (XSS)
Software HT Mega Type Plugin Vulnerable versions = 2.4.9 Fixed in 2.5.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3307 Patch priority Low CVSS severity Low 6.5 Developer HTMega PSID d87a1e471944 Credits Webbernaut Required privilege Contributor...