Cross-site Scripting Vulnerability in HT Plugins HT Team Member
CVE-2025-49309
6.5MEDIUM
What is CVE-2025-49309?
The HT Plugins HT Team Member plugin contains a Cross-site Scripting (XSS) vulnerability that allows attackers to inject malicious scripts into web pages. This stored XSS issue enables unauthorized users to execute arbitrary JavaScript in the context of the authenticated user, potentially compromising user data and integrity of the site. Users of HT Team Member versions n/a through 1.1.7 are particularly at risk and should take proactive measures to secure their websites.
Affected Version(s)
HT Team Member <= 1.1.7