HT Mega < 3.0.7 – Unauthenticated PII Disclosure_CVE-2026-4106

7.5 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Description

The HT Mega Addons for Elementor WordPress plugin before 3.0.7 contains an unauthenticated AJAX action returning some PII (such as full name, city, state and country) of customers who placed orders in the last 7 days

Basic Information

ID CVE-2026-4106

Source WPScan

Published Apr 23, 2026 at 06:00

Modified Apr 23, 2026 at 14:01

Affected Product

Vendor Unknown

Product HT Mega Addons for Elementor

Affected Versions Unknown HT Mega Addons for Elementor 0

CWE Classification

References

wpscan.com /vulnerability/9477ead2-3990-4aae-8e66-09ee2f4daa3e/

{
    "lastseen": "",
    "description": "The HT Mega Addons for Elementor  WordPress plugin before 3.0.7 contains an unauthenticated AJAX action returning some PII (such as full name, city, state and country) of customers who placed orders in the last 7 days",
    "published": "2026-04-23T06:00:06.084Z",
    "modified": "2026-04-23T14:01:26.967Z",
    "type": "cve",
    "title": "HT Mega < 3.0.7 \u2013 Unauthenticated PII Disclosure",
    "source": "WPScan",
    "references": "https://wpscan.com/vulnerability/9477ead2-3990-4aae-8e66-09ee2f4daa3e/",
    "id": "CVE-2026-4106",
    "bulletinFamily": "",
    "cwe": [
        ""
    ],
    "cvelist": null,
    "sourceData": "Unknown HT Mega Addons for Elementor 0",
    "sourceHref": "",
    "cvss": {
        "score": 7.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "HT Mega Addons for Elementor",
    "version": "0",
    "vendor": "Unknown",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}