702 matches found
CVE-2025-1261
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 2.8.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...
CVE-2024-2084
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's lightbox widget in all versions up to, and including, 2.4.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
CVE-2024-2790
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Accordion widget in all versions up to, and including, 2.4.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
EUVD-2025-203185
The HT Slider for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slidetitle' parameter in all versions up to, and including, 1.7.4 due to insufficient input sanitization and output escaping in JavaScript. This makes it possible for authenticated attackers, wi...
CVE-2025-14278
The HT Slider for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slidetitle' parameter in all versions up to, and including, 1.7.4 due to insufficient input sanitization and output escaping in JavaScript. This makes it possible for authenticated attackers, wi...
CVE-2025-14278 HT Slider for Elementor <= 1.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
The HT Slider for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slidetitle' parameter in all versions up to, and including, 1.7.4 due to insufficient input sanitization and output escaping in JavaScript. This makes it possible for authenticated attackers, wi...
CVE-2025-14278
CVE-2025-14278 refers to the HT Slider for Elementor WordPress plugin. The issue is a Stored Cross-Site Scripting (XSS) vulnerability via the slide_title parameter in all versions up to and including 1.7.4, caused by insufficient input sanitization and output escaping in JavaScript. Impact requir...
PT-2025-51047
The HT Slider for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slide title' parameter in all versions up to, and including, 1.7.4 due to insufficient input sanitization and output escaping in JavaScript. This makes it possible for authenticated attackers,...
WordPress plugin HT Slider for Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A cross-site scriptin...
WordPress HT Slider for Elementor plugin <= 1.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin HT Slider For Elementor versions = 1.7.4...
WordPress HT Mega plugin cross-site scripting vulnerability
WordPress HT Mega plugin is an Elementor page builder plugin designed for WordPress websites. The WordPress HT Mega plugin suffers from a cross-site scripting vulnerability that stems from insufficient validation of user-supplied HTML tag name input, which can be exploited by an attacker to execu...
CVE-2025-13141
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Gutenberg blocks in all versions up to, and including, 3.0.0 due to insufficient input validation on user-supplied HTML tag names. This is due to the lack of a tag name...
CVE-2025-13141 HT Mega – Absolute Addons For Elementor <= 3.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Tag Attribute Injection
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Gutenberg blocks in all versions up to, and including, 3.0.0 due to insufficient input validation on user-supplied HTML tag names. This is due to the lack of a tag name...
CVE-2025-13141 HT Mega – Absolute Addons For Elementor <= 3.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Tag Attribute Injection
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Gutenberg blocks in all versions up to, and including, 3.0.0 due to insufficient input validation on user-supplied HTML tag names. This is due to the lack of a tag name...
WordPress plugin HT Mega 跨站脚本漏洞
WordPress HT Mega plugin is an Elementor page builder plugin designed for WordPress websites. The WordPress HT Mega plugin suffers from a cross-site scripting vulnerability that stems from insufficient validation of user-supplied HTML tag name input, which can be exploited by an attacker to execu...
WordPress HT Mega – Absolute Addons For Elementor plugin <= 3.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Tag Attribute Injection vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Tag Attribute Injection vulnerability discovered by Abu Hurayra HurayraIIT in WordPress Plugin HT Mega versions = 3.0.0...
WordPress Insert Headers and Footers Code – HT Script plugin <= 1.1.6 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability
Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Insert Headers and Footers Code – HT Script versions = 1.1.6...
CVE-2025-12112 Insert Headers and Footers Code – HT Script <= 1.1.6 - Authenticated (Author+) Stored Cross-Site Scripting
The Insert Headers and Footers Code – HT Script plugin for WordPress is vulnerable to Stored Cross-Site Scripting via adding scripts in all versions up to, and including, 1.1.6 due to insufficient capability checks. This makes it possible for authenticated attackers, with Author-level access and...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, linkdata/linkconf are dynamically allocated. They don't point to vif-bssconf. So, there will be no chanreq assigned to vif-bssconf an...
EUVD-2007-5759
Malware in sbrugna...