WordPress Plugin Vulnerabilities

HT Mega < 2.5.3 - Subscriber+ Options Update

Description

The plugin is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_dismiss' function, allowing authenticated attackers, with subscriber-level permissions and above, to update options such as users_can_register, which can lead to unauthorized user registration.

Affects Plugins

Plugin icon
ht-mega-for-elementor
Fixed in 2.5.3

References

CVE
CVE-2024-4875
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/bdd3868a-d741-42b4-bc7f-6fb5d33bb71b

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
8.8 (high)

Miscellaneous

Original Researcher
1337_Wannabe
Verified
No
WPVDB ID
30000ba5-7a84-4590-b6ab-ff764620a728

Timeline

Publicly Published
2024-05-20 (about 2 years ago)
Added
2024-05-21 (about 2 years ago)
Last Updated
2024-05-21 (about 2 years ago)

Other

Published
Title
Published
2026-02-13
Title
BlueSnap Payment Gateway for WooCommerce < 3.4.1 - Missing Authorization to Unauthenticated Arbitrary Order Status Manipulation
Published
2026-01-16
Title
onepay Payment Gateway For WooCommerce < 1.1.3 - Missing Authorization to Unauthenticated Order Status Modification
Published
2026-03-02
Title
pixfort Core < 3.2.26 - Missing Authorization
Published
2024-07-08
Title
Pie Register - Basic <= 3.8.3.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation and Activation/Deactivation
Published
2024-10-21
Title
Best Restaurant Menu by PriceListo < 1.4.3 - Missing Authorization