Happy Addons For Elementor
Monthly
Happy Addons for Elementor through version 3.20.8 exposes sensitive system information to unauthorized users via an information disclosure vulnerability, allowing remote unauthenticated attackers to retrieve embedded sensitive data without authentication or user interaction. The vulnerability affects all installations of the plugin up to and including version 3.20.8, with a CVSS score of 5.3 reflecting the confidentiality impact of exposed system data.
The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ha_cmc_text' parameter of the Happy Mouse Cursor in all versions up to, and including, 3.15.1. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Happy Addons for Elementor through version 3.20.8 exposes sensitive system information to unauthorized users via an information disclosure vulnerability, allowing remote unauthenticated attackers to retrieve embedded sensitive data without authentication or user interaction. The vulnerability affects all installations of the plugin up to and including version 3.20.8, with a CVSS score of 5.3 reflecting the confidentiality impact of exposed system data.
The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ha_cmc_text' parameter of the Happy Mouse Cursor in all versions up to, and including, 3.15.1. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.