CVE-2024-8910 in HT Mega Plugin
Sumário
de MITRE • 25/09/2024
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.5 via the render function in includes/widgets/htmega_accordion.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.