VYPR

HT Mega for Elementor

by WordPress

CVEs (2)

  • CVE-2024-4876MedMay 21, 2024
    risk 0.35cvss 6.4epss 0.00

    The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘popover_header_text’ parameter in versions up to, and including, 2.5.2 due to insufficient input sanitization and output escaping. This makes it possible…

  • CVE-2024-4875MedMay 21, 2024
    risk 0.21cvss 4.3epss 0.01

    The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'ajax_dismiss' function in versions up to, and including, 2.5.2. This makes it possible for authenticated…