CVE-2024-30553

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Joby Joseph WP Twitter Mega Fan Box Widget allows Stored XSS.This issue affects WP Twitter Mega Fan Box Widget : from n/a through 1.0...

CVE-2024-30553 WordPress WP Twitter Mega Fan Box Widget plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Joby Joseph WP Twitter Mega Fan Box Widget allows Stored XSS.This issue affects WP Twitter Mega Fan Box Widget : from n/a through 1.0...

CVE-2024-30553

CVE-2024-30553 is a stored XSS in the WP Twitter Mega Fan Box Widget for WordPress. The vulnerability arises from improper input neutralization during web page generation, affecting the WP Twitter Mega Fan Box Widget versions up to 1.0 (older than 1.0). The connected Red Hat advisory confirms the...

WordPress Plugin WP Twitter Mega Fan Box Widget 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin WP Twitter Mega Fan Box...

PT-2024-23483 · WordPress · Wp Twitter Mega Fan Box Widget

Name of the Vulnerable Software and Affected Versions: WP Twitter Mega Fan Box Widget versions 1.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting. This allows for Stored XSS, enabling attackers to...

WordPress WP Twitter Mega Fan Box Widget plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Cronus Patchstack Alliance in WordPress Plugin WP Twitter Mega Fan Box Widget versions = 1.0...

WordPress WP Twitter Mega Fan Box Widget Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Twitter Mega Fan Box Widget Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30553 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 6b9f98b57959 Credits Cronus Required privilege...

CVE-2024-28003

Missing Authorization vulnerability in Megamenu Max Mega Menu.This issue affects Max Mega Menu: from n/a through 3.3...

CVE-2024-28003 WordPress Max Mega Menu plugin <= 3.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Megamenu Max Mega Menu.This issue affects Max Mega Menu: from n/a through 3.3...

CVE-2024-28003

CVE-2024-28003 affects the WordPress plugin Max Mega Menu (Max Mega Menu) up to version 3.3 (inclusive). Root cause: missing authorization check in the sandbox() function enables “broken access control,” allowing unauthorised or limited-privilege actions by authenticated users (e.g., subscriber l...

WordPress Plugin Max Mega Menu 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

CVE-2024-30182

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HasThemes HT Mega allows Stored XSS.This issue affects HT Mega: from n/a through 2.4.3...

CVE-2024-30182

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevItems HT Mega ht-mega-for-elementor.This issue affects HT Mega: from n/a through = 2.4.3...

CVE-2024-30182 WordPress HT Mega – Absolute Addons For Elementor plugin <= 2.4.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevItems HT Mega ht-mega-for-elementor.This issue affects HT Mega: from n/a through = 2.4.3...

CVE-2024-30182 WordPress HT Mega – Absolute Addons For Elementor plugin <= 2.4.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevItems HT Mega ht-mega-for-elementor.This issue affects HT Mega: from n/a through = 2.4.3...

CVE-2024-30182

CVE-2024-30182 describes a Stored XSS in HasThemes HT Mega for Elementor caused by improper neutralization of input during web page generation. Affected: HT Mega up to version 2.4.3. Public details in the provided documents specify the issue and affected range but do not include a confirmed patch...

PT-2024-23233 · Ht Mega · Ht Mega

Name of the Vulnerable Software and Affected Versions: HT Mega versions through 2.4.3 Description: The issue is related to improper neutralization of input during web page generation, which allows stored cross-site scripting XSS. This means that an attacker can inject malicious scripts into the...

WordPress Plugin HT Mega 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

WordPress Max Mega Menu Plugin <= 3.3 is vulnerable to Broken Access Control

Software Max Mega Menu Type Plugin Vulnerable versions = 3.3 Fixed in 3.3.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-28003 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 3ddcba15780a Credits Rafie Muhammad Patchstack Require...

WordPress HT Mega Plugin <= 2.4.3 is vulnerable to Cross Site Scripting (XSS)

Software HT Mega Type Plugin Vulnerable versions = 2.4.3 Fixed in 2.4.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30182 Patch priority Low CVSS severity Low 6.5 Developer HTMega PSID 0451a481cb52 Credits Khalid Yusuf Required privilege Contributor Published 2...