4 matches found
Exploit for Missing Authorization in Hasthemes Ht_Mega
CVE-2024-4875 HT Mega – Absolute Addons For Elementor = 2...
CVE-2024-4875 HT Mega – Absolute Addons For Elementor <= 2.5.2 - Missing Authorization to Options Update
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'ajaxdismiss' function in versions up to, and including, 2.5.2. This makes it possible for authenticated attackers, with...
CVE-2024-4875 HT Mega – Absolute Addons For Elementor <= 2.5.2 - Missing Authorization to Options Update
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'ajaxdismiss' function in versions up to, and including, 2.5.2. This makes it possible for authenticated attackers, with...
WordPress HT Mega Plugin <= 2.5.2 is vulnerable to Broken Access Control
Software HT Mega Type Plugin Vulnerable versions = 2.5.2 Fixed in 2.5.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-4875 Patch priority Low CVSS severity Low 4.3 Developer HTMega PSID dfccf3184973 Credits 1337Wannabe Required privilege Subscriber...