Devitemsllc Ht Mega Addons For Elementor – Elementor Widgets & Template Builder
24 CVEs affecting Devitemsllc Ht Mega Addons For Elementor – Elementor Widgets & Template Builder. Latest disclosed: 2025-11-21. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-1974 | High | 8.8 | 2024-04-09 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.6 via the rende… |
CVE-2023-6214 | High | 7.5 | 2024-05-02 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.6 vi… |
CVE-2025-13141 | Medium | 6.4 | 2025-11-21 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Gutenberg blocks in all versions… |
CVE-2025-1802 | Medium | 6.4 | 2025-03-20 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘marker_title’, 'notification_content', a… |
CVE-2025-1261 | Medium | 6.4 | 2025-03-08 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the plugin's Countdown widget in al… |
CVE-2024-12599 | Medium | 6.4 | 2025-02-11 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions… |
CVE-2024-12597 | Medium | 6.4 | 2025-02-04 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'block_css' and 'inner_css' parameters in… |
CVE-2024-5215 | Medium | 6.4 | 2024-06-26 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and i… |
CVE-2024-5173 | Medium | 6.4 | 2024-06-26 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Video player widget settings in all versi… |
CVE-2024-4876 | Medium | 6.4 | 2024-05-21 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘popover_header_text’ parameter in versio… |
CVE-2024-3990 | Medium | 6.4 | 2024-05-09 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Tooltip & Popover Widget in all versions… |
CVE-2024-3989 | Medium | 6.4 | 2024-05-09 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Gallery Justify Widget in all ve… |
CVE-2024-3307 | Medium | 6.4 | 2024-05-02 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown widget's attributes in all vers… |
CVE-2024-2084 | Medium | 6.4 | 2024-05-02 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's lightbox widget in all versions… |
CVE-2024-2790 | Medium | 6.4 | 2024-05-02 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Accordion widget in all versions up to, and i… |
CVE-2024-3308 | Medium | 6.4 | 2024-05-02 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Grid widget's attributes in all ver… |
CVE-2024-2085 | Medium | 6.4 | 2024-05-02 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'size' value in several widgets all versi… |
CVE-2024-1421 | Medium | 6.4 | 2024-03-12 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘border_type’ attribute of the Post Carou… |
CVE-2024-1397 | Medium | 6.4 | 2024-03-12 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's blocks in all versions up to, an… |
CVE-2025-8068 | Medium | 4.3 | 2025-07-31 | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to unauthorized modification and loss of data due to an improper capability chec… |