Vulnerabilities > Kraftplugins > Mega Elements
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-24 | CVE-2024-49693 | Cross-site Scripting vulnerability in Kraftplugins Mega Elements Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.2.6. | 5.4 |
| 2024-07-21 | CVE-2024-37466 | Unspecified vulnerability in Kraftplugins Mega Elements Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kraftplugins Mega Elements.This issue affects Mega Elements: from n/a through 1.2.2. | 5.4 |
| 2024-05-15 | CVE-2024-4702 | Cross-site Scripting vulnerability in Kraftplugins Mega Elements The Mega Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button widget in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-04-18 | CVE-2024-32575 | Unspecified vulnerability in Kraftplugins Mega Elements Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.1.9. | 5.4 |