CVE-2023-51529 WordPress HT Mega Plugin <= 2.3.3 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in HasThemes HT Mega – Absolute Addons For Elementor.This issue affects HT Mega – Absolute Addons For Elementor: from n/a through 2.3.3...

CVE-2023-51529

CVE-2023-51529 is a Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Mega – Absolute Addons For Elementor, affecting HT Mega – Absolute Addons For Elementor versions up to 2.3.3. The issue enables unauthorized actions to be performed on behalf of an authenticated user, as indicated...

WordPress Plugin HT Mega - Absolute Addons For Elementor Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. WordPress Plugin HT Mega - Absolute Addons For Elementor...

The vulnerability of the microprogramming software of AMI MegaRAC SP-X controllers allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the microprogramming software of AMI MegaRAC SP-X controllers relates to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

FBI: Androxgh0st Malware Building Mega-Botnet for Credential Theft

By Deeba Ahmed The AndroxGh0st malware was initially reported in December 2022. This is a post from HackRead.com Read the original post: FBI: Androxgh0st Malware Building Mega-Botnet for Credential Theft...

mega-bangna.com Cross Site Scripting vulnerability OBB-3836160

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

mega-drive.net Cross Site Scripting vulnerability OBB-3833254

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

PT-2024-1586 · Ami · Ami Megarac Sp-X

Name of the Vulnerable Software and Affected Versions: AMI MegaRAC SP-X affected versions not specified Description: The issue is related to a buffer overflow in the dynamic memory of the AMI MegaRAC SP-X software, which can be exploited by a remote attacker to impact the confidentiality,...

AMI MegaRAC SPx Buffer Error Vulnerability

AMI MegaRAC is a family of service processor products from AMI. Provides complete out-of-band or unlit remote management of computer systems independent of operating system state or location to troubleshoot computers and ensure service continuity. A security vulnerability exists in the AMI MegaRA...

PT-2024-1585 · Ami · Ami Megarac Sp-X

Name of the Vulnerable Software and Affected Versions: AMI MegaRAC SP-X affected versions not specified Description: The issue is related to a heap memory corruption vulnerability in the BMC of AMI MegaRAC SP-X. This vulnerability can be exploited by an attacker via an adjacent network, potential...

HT Mega < 2.3.4 - Arbitrary Plugin/Theme Activation via CSRF

Description The plugin does not have CSRF checks in various functions in its admin/include/template-library.php file, which could allow attackers to make logged in admins activate plugins/themes via CSRF attacks...

CVE-2023-50901

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HasThemes HT Mega – Absolute Addons For Elementor allows Reflected XSS.This issue affects HT Mega – Absolute Addons For Elementor: from n/a through 2.3.8...

CVE-2023-50901

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HasThemes HT Mega – Absolute Addons For Elementor allows Reflected XSS.This issue affects HT Mega – Absolute Addons For Elementor: from n/a through 2.3.8...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HasThemes HT Mega – Absolute Addons For Elementor allows Reflected XSS.This issue affects HT Mega – Absolute Addons For Elementor: from n/a through 2.3.8...

CVE-2023-50901

CVE-2023-50901 describes a reflected XSS in HasThemes HT Mega – Absolute Addons For Elementor, affecting HT Mega for Elementor versions up to 2.3.8. The root cause is improper neutralization of user input during web page generation. Impact is cross-site scripting on pages that incorporate the vul...

CVE-2023-50901 WordPress HT Mega Plugin <= 2.3.8 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HasThemes HT Mega – Absolute Addons For Elementor allows Reflected XSS.This issue affects HT Mega – Absolute Addons For Elementor: from n/a through 2.3.8...

PT-2023-31709 · Hasthemes · Ht Mega – Absolute Addons For Elementor

Name of the Vulnerable Software and Affected Versions: HasThemes HT Mega – Absolute Addons For Elementor versions through 2.3.8 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows Reflected XSS. This...

WordPress Plugin HT Mega Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress HT Mega Plugin <= 2.3.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software HT Mega Type Plugin Vulnerable versions = 2.3.3 Fixed in 2.3.4 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-51529 Patch priority Low CVSS severity Low 4.3 Developer HTMega PSID af6331300a3e Credits Brandon Roldan Required privilege...

WordPress HT Mega Plugin <= 2.3.8 is vulnerable to Cross Site Scripting (XSS)

Software HT Mega Type Plugin Vulnerable versions = 2.3.8 Fixed in 2.3.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-50901 Patch priority Medium CVSS severity Medium 7.1 Developer HTMega PSID 46290c97b255 Credits Le Ngoc Anh Required privilege Unauthenticated...