cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-8910,https://securityvulnerability.io/vulnerability/CVE-2024-8910,Sensitive Information Exposure in Plugin,"The HT Mega – Absolute Addons For Elementor plugin for WordPress has a vulnerability that allows for the exposure of sensitive information. All versions up to and including 2.6.5 are susceptible to this issue, specifically through the render function located in includes/widgets/htmega_accordion.php. This vulnerability permits authenticated users with Contributor-level access and higher to improperly access and extract confidential data related to private, pending, and draft templates, potentially compromising the security and integrity of affected WordPress sites.",Wordpress,Ht Mega - Absolute Addons For Elementor Page Builder,4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-09-25T07:15:00.000Z,0
CVE-2021-24261,https://securityvulnerability.io/vulnerability/CVE-2021-24261,HT Mega - Absolute Addons for Elementor Page Builder < 1.5.7 - Contributor+ Stored XSS,"The “HT Mega – Absolute Addons for Elementor Page Builder” WordPress Plugin before 1.5.7 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.",Wordpress,Ht Mega – Absolute Addons For Elementor Page Builder,5.4,MEDIUM,0.0007399999885819852,false,,false,false,false,,false,false,2021-05-05T18:28:46.000Z,0