Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Vulnrichment
Vulnrichmentadded 2026/04/23 6:0 a.m.0 views

CVE-2026-4106 HT Mega < 3.0.7 – Unauthenticated PII Disclosure

The HT Mega Addons for Elementor WordPress plugin before 3.0.7 contains an unauthenticated AJAX action returning some PII such as full name, city, state and country of customers who placed orders in the last 7 days...

5.8AI score0.0039EPSS
Exploits1References1
Cvelist
Cvelistadded 2025/09/22 6:25 p.m.7 views

CVE-2025-53463 WordPress HT Mega – Absolute Addons for WPBakery Page Builder Plugin <= 1.0.9 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HT Plugins HT Mega – Absolute Addons for WPBakery Page Builder ht-mega-for-wpbakery allows DOM-Based XSS.This issue affects HT Mega – Absolute Addons for WPBakery Page Builder: from n/a through =...

6.5CVSS0.00032EPSS
Exploits0References1
OSV
OSVadded 2025/02/11 5:15 a.m.0 views

CVE-2024-12599

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 2.8.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...

6.1CVSS7.4AI score
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2024/06/26 7:15 a.m.2 views

CVE-2024-5215

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS6.1AI score0.00187EPSS
Exploits0References7
OSV
OSVadded 2024/05/02 5:15 p.m.1 views

CVE-2024-3308

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Grid widget's attributes in all versions up to, and including, 2.4.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

5.4CVSS5.9AI score
Exploits0References2
Positive Technologies
Positive Technologiesadded 2024/03/12 12:0 a.m.3 views

PT-2024-18031 · WordPress · Ht Mega – Absolute Addons For Elementor

Name of the Vulnerable Software and Affected Versions: HT Mega – Absolute Addons For Elementor plugin for WordPress versions up to, and including, 2.4.4 Description: The issue is related to Stored Cross-Site Scripting via the border type attribute of the Post Carousel widget due to insufficient...

6.4CVSS7.9AI score0.00177EPSS
Exploits0References7
OSV
OSVadded 2021/05/05 7:15 p.m.1 views

CVE-2021-24261

The “HT Mega – Absolute Addons for Elementor Page Builder” WordPress Plugin before 1.5.7 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...

5.4CVSS5.8AI score0.00222EPSS
Exploits1References2
Rows per page
Query Builder