Cross-site Scripting Vulnerability in HT Plugins HT Team Member

CVE-2025-49309

What is CVE-2025-49309?

The HT Plugins HT Team Member plugin contains a Cross-site Scripting (XSS) vulnerability that allows attackers to inject malicious scripts into web pages. This stored XSS issue enables unauthorized users to execute arbitrary JavaScript in the context of the authenticated user, potentially compromising user data and integrity of the site. Users of HT Team Member versions n/a through 1.1.7 are particularly at risk and should take proactive measures to secure their websites.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References