CVE-2026-4106 - HT Mega < 3.0.7 – Unauthenticated PII Disclosure
CVE ID :CVE-2026-4106 Published : April 23, 2026, 7:16 a.m. | 29 minutes ago Description :The HT Mega Addons for Elementor WordPress plugin before 3.0.7 contains an unauthenticated AJAX action returning some PII (such as full name, city, state and country) of customers who placed orders in th
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Attackers Exploit LMDeploy Flaw in the Wild Within 12 Hours of Advisory
- [CYBER] North Korean Fake IT Workers Infiltrate Firms to Dodge Sanctions
- [CYBER] Personal info of 9,045 people compromised in Hong Kong private club data breach
- [CYBER] How ORBIT Solves the Langflow CVE‑2026‑33017 Vulnerability
- [CYBER] Lazarus Lures Developers With Backdoored Coding Tests
- [CYBER] Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case