CVE-2024-8910 in HT Mega Plugininformação

Sumário

de MITRE • 25/09/2024

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.5 via the render function in includes/widgets/htmega_accordion.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Responsável

Wordfence

Reservar

16/09/2024

Divulgação

25/09/2024

Moderação

aceite

Entrada

VDB-278447

CPE

pronto

EPSS

0.00311

KEV

não

Atividades

muito baixo

Fontes

Interested in the pricing of exploits?

See the underground prices here!