CVE-2024-49693
- EPSS 0.17%
- Veröffentlicht 24.10.2024 13:15:12
- Zuletzt bearbeitet 08.11.2024 15:19:50
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.2.6.
CVE-2024-47343
- EPSS 0.16%
- Veröffentlicht 06.10.2024 11:15:13
- Zuletzt bearbeitet 07.10.2024 17:47:48
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.2.4.
CVE-2024-37466
- EPSS 0.14%
- Veröffentlicht 21.07.2024 22:15:03
- Zuletzt bearbeitet 21.11.2024 09:23:53
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kraftplugins Mega Elements.This issue affects Mega Elements: from n/a through 1.2.2.
CVE-2024-4702
- EPSS 0.4%
- Veröffentlicht 15.05.2024 12:15:08
- Zuletzt bearbeitet 03.02.2025 16:28:43
The Mega Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button widget in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. Thi...
CVE-2024-32575
- EPSS 0.18%
- Veröffentlicht 18.04.2024 10:15:12
- Zuletzt bearbeitet 05.02.2025 15:44:54
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.1.9.