WordPress HT Mega - Absolute Addons For Elementor plugin <= 2.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Grid Widget vulnerability

WordPress HT Mega - Absolute Addons For Elementor plugin = 2.4.9 - Authenticated Contributor+ Stored Cross-Site Scripting via Image Grid Widget vulnerability discovered by João Pedro Soares de Alcântara - Kinorth in WordPress Plugin HT Mega versions = 2.4.9...

WordPress HT Mega - Absolute Addons For Elementor plugin <= 2.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Player Widget Settings vulnerability

WordPress HT Mega - Absolute Addons For Elementor plugin = 2.5.5 - Authenticated Contributor+ Stored Cross-Site Scripting via Video Player Widget Settings vulnerability discovered by João Pedro Soares de Alcântara - Kinorth in WordPress Plugin HT Mega versions = 2.5.5...

CVE-2026-22468

Missing Authorization vulnerability in AbsolutePlugins Absolute Addons For Elementor absolute-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Absolute Addons For Elementor: from n/a through = 1.0.14...

CVE-2026-22468

Missing Authorization vulnerability in AbsolutePlugins Absolute Addons For Elementor absolute-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Absolute Addons For Elementor: from n/a through = 1.0.14...

CVE-2026-22468

Missing Authorization vulnerability in AbsolutePlugins Absolute Addons For Elementor absolute-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Absolute Addons For Elementor: from n/a through = 1.0.14...

CVE-2026-22468

CVE-2026-22468 is a Missing Authorization vulnerability in Absolute Addons For Elementor. Affected product: Absolute Addons For Elementor; vulnerable versions are

CVE-2026-22468 WordPress Absolute Addons For Elementor plugin <= 1.0.14 - Broken Access Control vulnerability

Missing Authorization vulnerability in AbsolutePlugins Absolute Addons For Elementor absolute-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Absolute Addons For Elementor: from n/a through = 1.0.14...

CVE-2026-22468 WordPress Absolute Addons For Elementor plugin <= 1.0.14 - Broken Access Control vulnerability

Missing Authorization vulnerability in AbsolutePlugins Absolute Addons For Elementor absolute-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Absolute Addons For Elementor: from n/a through = 1.0.14...

WordPress plugin Absolute Addons For Elementor has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

PT-2026-4238

Missing Authorization vulnerability in AbsolutePlugins Absolute Addons For Elementor absolute-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Absolute Addons For Elementor: from n/a through = 1.0.14...

WordPress Absolute Addons For Elementor plugin <= 1.0.14 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Absolute Addons For Elementor versions = 1.0.14...

CVE-2025-13141

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Gutenberg blocks in all versions up to, and including, 3.0.0 due to insufficient input validation on user-supplied HTML tag names. This is due to the lack of a tag name...

WordPress HT Mega – Absolute Addons For Elementor plugin <= 3.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Tag Attribute Injection vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Tag Attribute Injection vulnerability discovered by Abu Hurayra HurayraIIT in WordPress Plugin HT Mega versions = 3.0.0...

EUVD-2024-46087

Malicious code in bioql PyPI...

EUVD-2023-55634

Malicious code in bioql PyPI...

EUVD-2025-19389

Malicious code in bioql PyPI...

CVE-2025-53463 WordPress HT Mega – Absolute Addons for WPBakery Page Builder Plugin <= 1.0.9 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HT Plugins HT Mega – Absolute Addons for WPBakery Page Builder ht-mega-for-wpbakery allows DOM-Based XSS.This issue affects HT Mega – Absolute Addons for WPBakery Page Builder: from n/a through =...

CVE-2025-53463

CVE-2025-53463 is linked to HT Mega – Absolute Addons for WPBakery Page Builder (ht-mega-for-wpbakery). Connected documents indicate a authenticated, stored Cross-Site Scripting vulnerability in HT Mega for WPBakery Page Builder, affecting versions from n/a up to and including 1.0.9. The issue ar...

WordPress HT Mega - Absolute Addons For Elementor plugin Information Disclosure Vulnerability

WordPress HT Mega - Absolute Addons For Elementor plugin is an Elementor page builder plugin designed specifically for WordPress, offering over 100 custom widgets, 360+ preset modules, and multiple templates for blogs, sliders , collapsible menus and other page elements. A vulnerability exists in...

CVE-2025-8151

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.9.1 via the 'saveblockcss' function. This makes it possible for authenticated attackers, with Author-level access and above, to create CSS files in any director...