CVE-2024-32575

CVE-2024-32575 affects Mega Elements – Addons for Elementor. The vulnerability is a Stored Cross-Site Scripting (XSS) in Mega Elements <= 1.1.9. Public sources (Red Hat advisory and Wordfence vulnerability details) confirm the affected product and the issue type. The issue arises from improper...

CVE-2024-37466

CVE-2024-37466 describes an XSS vulnerability in the WordPress plugin Mega Elements (Addons for Elementor) . The issue is caused by improper neutralization of input during web page generation and affects Mega Elements: from n/a through 1.2.2 . Connected documents corroborate the vulnerability und...

CVE-2024-49693

CVE-2024-49693 describes a stored XSS in Kraftplugins Mega Elements for Elementor, due to improper input neutralization during web page generation. Affected versions are Mega Elements from n/a through 1.2.6; Patch information indicates a fix in 1.2.7. Multiple sources (CVE entry, Red Hat/AR OS, P...

CVE-2024-4702

CVE-2024-4702 refers to a Stored Cross-Site Scripting flaw in the Mega Elements – Addons for Elementor WordPress plugin. The issue arises in the Button widget, due to insufficient input sanitization and output escaping on user-supplied attributes, enabling an attacker with contributor-level acces...