5 matches found
EUVD-2025-28071
Malicious code in bioql PyPI...
EUVD-2024-17175
Malicious code in bioql PyPI...
HT Mega – Absolute Addons For Elementor < 2.4.5 - Contributor+ Stored Cross-Site Scripting via Post Carousel Widget
Description The plugin is vulnerable to Stored Cross-Site Scripting via the ‘bordertype’ attribute of the Post Carousel widget in all versions up to, and including, 2.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-1421
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘bordertype’ attribute of the Post Carousel widget in all versions up to, and including, 2.4.4 due to insufficient input sanitization and output escaping. This makes it possible f...
PT-2024-18031 · WordPress · Ht Mega – Absolute Addons For Elementor
Name of the Vulnerable Software and Affected Versions: HT Mega – Absolute Addons For Elementor plugin for WordPress versions up to, and including, 2.4.4 Description: The issue is related to Stored Cross-Site Scripting via the border type attribute of the Post Carousel widget due to insufficient...