The HT Mega plugin for WordPress is at risk of a security issue called Stored Cross-Site Scripting. This is because it does not properly clean up or protect the information entered into the Image Grid widget. This means that someone with contributor access or higher could add harmful code to a page, which would then run whenever someone views that page.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
