CVE-2024-32782 WordPress HT Mega plugin <= 2.4.7 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in DevItems HT Mega ht-mega-for-elementor.This issue affects HT Mega: from n/a through = 2.4.7...

CVE-2024-32782

CVE-2024-32782 concerns an Information Exposure vulnerability in the HasThemes HT Mega plugin for WordPress, with HT Mega versions listed as affected up to 2.4.7. The Red Hat entry mirrors this description, stating an Exposure of Sensitive Information to an Unauthorized Actor vulnerability affect...

CVE-2024-32782 WordPress HT Mega plugin <= 2.4.7 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in DevItems HT Mega ht-mega-for-elementor.This issue affects HT Mega: from n/a through = 2.4.7...

Mega Elements < 1.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Mega Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...

WordPress plugin HT Mega 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

PT-2024-24854 · Hasthemes · Ht Mega

Name of the Vulnerable Software and Affected Versions: HasThemes HT Mega versions n/a through 2.4.7 Description: The issue is related to the exposure of sensitive information to an unauthorized actor. This is a problem where sensitive data is made available to individuals who should not have acce...

WordPress HT Mega plugin <= 2.4.7 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin HT Mega versions = 2.4.7...

WordPress HT Mega Plugin <= 2.4.7 is vulnerable to Sensitive Data Exposure

Software HT Mega Type Plugin Vulnerable versions = 2.4.7 Fixed in 2.4.8 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-32782 Patch priority Low CVSS severity Low 4.3 Developer HTMega PSID ae2be9eaec1a Credits Khalid Yusuf Required privilege Contributor...

CVE-2024-32575

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.1.9...

CVE-2024-32575

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.1.9...

CVE-2024-32575 WordPress Mega Elements plugin <= 1.1.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.1.9...

CVE-2024-32575 WordPress Mega Elements plugin <= 1.1.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.1.9...

CVE-2024-32575

CVE-2024-32575 affects Mega Elements – Addons for Elementor. The vulnerability is a Stored Cross-Site Scripting (XSS) in Mega Elements &lt;= 1.1.9. Public sources (Red Hat advisory and Wordfence vulnerability details) confirm the affected product and the issue type. The issue arises from improper...

WordPress Plugin Mega Elements 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

PT-2024-24696 · Kraftplugins · Kraftplugins Mega Elements

Name of the Vulnerable Software and Affected Versions: Kraftplugins Mega Elements versions 1.1.9 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored XSS. This means an attacker can inject malicious scripts into the...

CVE-2024-32515 WordPress Mega Addons For Elementor plugin <= 1.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Qamar Sheeraz, Nasir Ahmad Mega Addons For Elementor.This issue affects Mega Addons For Elementor: from n/a through 1.8...

CVE-2024-32515

Technical details for CVE-2024-32515 are not publicly available in the provided connected documents. Based on the supplied data, we cannot confirm affected versions, root cause, impact, or fixes. Monitor for official advisories or vendor security notices for updates.

WordPress HT Mega plugin <= 2.4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion/FAQ vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Accordion/FAQ vulnerability discovered by Ngô Thiên An ancorn - VNPT-VCI, Dau Hoang Tai - VCI in WordPress Plugin HT Mega versions = 2.4.8...

WordPress HT Mega plugin <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin HT Mega versions = 2.4.6...

WordPress HT Mega plugin <= 2.4.6 - Sensitive Information Exposure via purchased_products vulnerability

Sensitive Information Exposure via purchasedproducts vulnerability discovered by Francesco Carlucci in WordPress Plugin HT Mega versions = 2.4.6...