CVE-2024-3990
Published 2024-05-14. CVE-2024-3990: The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Tooltip & Popover Widget in all versions…
Priority: P4 23 · Severity: medium · CVSS 3.1 base score: 5.4
Vector: AV:N / AC:L / PR:L / UI:R / S:C / C:L / I:L / A:N
EPSS: 0.43% (34.3rd percentile)
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Tooltip & Popover Widget in all versions up to, and including, 2.5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| devitemsllc | ht_mega_addons_for_elementor_elementor_widgets_template_builder | <= 2.5.0 | — |
| hasthemes | ht_mega | < 2.5.1 | 2.5.1 |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
| vendor_redhat | — | 8.0 | HIGH | — |
GHSA
Rebuilding a run with revoked script approval allowed by Jenkins Pipeline: Groovy Plugin
ghsa · 2024-11-13
CVE-2024-52550 [HIGH] CWE-285
Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3, does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing attackers with Item/Build permission to rebuild a previous build whose (Jenkinsfile) script is no longer approved. Pipeline: Groovy Plugin 3993.v3e20a_37282f8 refuses to rebuild a build whose main (Jenkinsfile) script is unapproved.
GHSA
GHSA-qggf-x7gv-2c34: The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Tooltip & Popover Widget in all
ghsa_unreviewed · 2024-05-14
CVE-2024-3990 [MEDIUM] CWE-79
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Tooltip & Popover Widget in all versions up to, and including, 2.5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Red Hat
jenkins-plugin/workflow-cps: Lack of Approval Check for Rebuilt Jenkins Pipelines
vendor_redhat · 2024-11-13 · CVSS 8.0
CVE-2024-52550 [HIGH] CWE-862
Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3, does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing attackers with Item/Build permission to rebuild a previous build whose (Jenkinsfile) script is no longer approved.
A flaw was found in the Jenkins Pipeline: Groovy Plugin (jenkins-plugin/workflow-cps). This vulnerability allows attackers with Item/Build permission to rebuild a previous build whose main (Jenkinsfile) script is no longer approved, bypassing script approval checks via the rebuild action.
Statement: This vulnerability is considered of important severity rather than moderate because it allows attackers with
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
- https://plugins.trac.wordpress.org/browser/ht-mega-for-elementor/tags/2.5.0/includes/widgets/htmega_tooltip.php#L620
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3074490%40ht-mega-for-elementor&new=3074490%40ht-mega-for-elementor&sfp_email=&sfph_mail=#file4
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3074490%40ht-mega-for-elementor&new=3074490%40ht-mega-for-elementor&sfp_email=&sfph_mail=#file5
- https://www.wordfence.com/threat-intel/vulnerabilities/id/98e74a23-b586-4d6a-b1ab-78838b0eed61?source=cve
Published: 2024-05-14