Lucene search
+L

310 matches found

CVE
CVE
added 2025/07/31 11:19 a.m.30 views

CVE-2025-8068

The CVE-2025-8068 issue affects the WordPress plugin HT Mega – Absolute Addons For Elementor. A vulnerability in the ajax_trash_templates function arises from an improper capability check, making authenticated users with Contributor-level access and above able to delete arbitrary attachment files...

4.3CVSS6.3AI score0.00292EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/31 11:19 a.m.7 views

CVE-2025-8401 HT Mega – Absolute Addons For Elementor <= 2.9.1 - Authenticated (Author+) Sensitive Information Exposure

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.1 via the 'getpostdata' function. This makes it possible for authenticated attackers, with Author-level access and above, to extract sensitive...

4.3CVSS6.7AI score0.00323EPSS
Exploits0References3
CVE
CVE
added 2025/07/31 11:19 a.m.30 views

CVE-2025-8401

The CVE concerns the WordPress plugin HT Mega – Absolute Addons For Elementor (WordPress) with vulnerable behavior in get_post_data. All versions up to and including 2.9.1 allow authenticated attackers with Author-level access or higher to disclose sensitive information, including the content of ...

4.3CVSS6.2AI score0.00323EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/31 11:19 a.m.3 views

CVE-2025-8151 HT Mega – Absolute Addons For Elementor <= 2.9.1 - Authenticated (Author+) Path Traversal to Limited Arbitrary CSS File Actions

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.9.1 via the 'saveblockcss' function. This makes it possible for authenticated attackers, with Author-level access and above, to create CSS files in any director...

4.3CVSS6.8AI score0.00376EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/31 11:19 a.m.20 views

CVE-2025-8401 HT Mega – Absolute Addons For Elementor <= 2.9.1 - Authenticated (Author+) Sensitive Information Exposure

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.1 via the 'getpostdata' function. This makes it possible for authenticated attackers, with Author-level access and above, to extract sensitive...

4.3CVSS0.00323EPSS
Exploits0References3
CVE
CVE
added 2025/07/31 11:19 a.m.27 views

CVE-2025-8151

CVE-2025-8151 (HT Mega – Absolute Addons For Elementor) is a path traversal vulnerability in the WordPress plugin HT Mega up to version 2.9.1. The flaw resides in the save_block_css function and can be exploited by an authenticated user with Author+ privileges to create and delete CSS files in an...

4.3CVSS6.2AI score0.00376EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/07/31 11:19 a.m.11 views

CVE-2025-8151 HT Mega – Absolute Addons For Elementor <= 2.9.1 - Authenticated (Author+) Path Traversal to Limited Arbitrary CSS File Actions

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.9.1 via the 'saveblockcss' function. This makes it possible for authenticated attackers, with Author-level access and above, to create CSS files in any director...

4.3CVSS0.00376EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.6 views

PT-2025-31507 · WordPress +1 · Absolute Addons For Elementor +1

Name of the Vulnerable Software and Affected Versions: HT Mega – Absolute Addons For Elementor plugin for WordPress versions prior to 2.9.2 Description: The HT Mega – Absolute Addons For Elementor plugin for WordPress is susceptible to sensitive information exposure due to the get post data...

4.3CVSS6AI score0.00323EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/07/31 12:0 a.m.5 views

WordPress plugin HT Mega 径遍历漏洞

WordPress HT Mega plugin is an Elementor page builder plugin designed for WordPress, offering over 100 custom widgets, 360+ preset modules, and a variety of templates for blogs, sliders, collapsible menus, and other page elements. A path traversal vulnerability exists in the WordPress HT Mega...

4.3CVSS6.8AI score0.00376EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.6 views

PT-2025-31505 · Microsoft +1 · Windows +1

Name of the Vulnerable Software and Affected Versions: HT Mega – Absolute Addons For Elementor plugin for WordPress versions prior to 2.9.2 Description: The HT Mega – Absolute Addons For Elementor plugin for WordPress is susceptible to a path traversal issue. This allows authenticated attackers...

4.3CVSS6.2AI score0.00376EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/07/31 12:0 a.m.5 views

WordPress plugin HT Mega 安全漏洞

WordPress HT Mega plugin is an Elementor page builder plugin designed for WordPress, offering over 100 custom widgets, 360+ preset modules, and a variety of templates for blogs, sliders, collapsible menus, and other page elements. A security vulnerability exists in WordPress HT Mega plugin, which...

4.3CVSS6.6AI score0.00292EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.8 views

PT-2025-31504 · Elementor +1 · Elementor +1

Name of the Vulnerable Software and Affected Versions: HT Mega – Absolute Addons For Elementor plugin for WordPress versions prior to 2.9.2 Description: The HT Mega – Absolute Addons For Elementor plugin for WordPress is susceptible to unauthorized modification and data loss. This is due to an...

4.3CVSS6.4AI score0.00292EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/07/31 12:0 a.m.7 views

WordPress plugin HT Mega – Absolute Addons For Elementor 授权问题漏洞

WordPress HT Mega - Absolute Addons For Elementor plugin is an Elementor page builder plugin designed specifically for WordPress, offering over 100 custom widgets, 360+ preset modules, and multiple templates for blogs, sliders , collapsible menus and other page elements. A vulnerability exists in...

4.3CVSS6.6AI score0.00323EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/07/30 3:3 p.m.9 views

WordPress HT Mega Plugin plugin <= 2.9.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Denver Jackson in WordPress Plugin HT Mega versions = 2.9.0...

5.4CVSS6.7AI score0.00259EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/06/29 2:26 p.m.7 views

CVE-2025-53206

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HT Plugins HT Mega – Absolute Addons for WPBakery Page Builder ht-mega-for-wpbakery allows Stored XSS.This issue affects HT Mega – Absolute Addons for WPBakery Page Builder: from n/a through = 1.0....

6.5CVSS5.9AI score0.00209EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/06/27 2:41 p.m.9 views

WordPress HT Mega – Absolute Addons for WPBakery Page Builder plugin <= 1.0.8 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by theviper17 in WordPress Plugin HT Mega – Absolute Addons for WPBakery Page Builder versions = 1.0.8...

6.5CVSS5.7AI score0.00209EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/06/27 2:15 p.m.5 views

CVE-2025-53206

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HT Plugins HT Mega – Absolute Addons for WPBakery Page Builder ht-mega-for-wpbakery allows Stored XSS.This issue affects HT Mega – Absolute Addons for WPBakery Page Builder: from n/a through = 1.0....

6.5CVSS0.00209EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/27 1:21 p.m.3 views

CVE-2025-53206 WordPress HT Mega – Absolute Addons for WPBakery Page Builder plugin <= 1.0.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HT Plugins HT Mega – Absolute Addons for WPBakery Page Builder ht-mega-for-wpbakery allows Stored XSS.This issue affects HT Mega – Absolute Addons for WPBakery Page Builder: from n/a through = 1.0....

6.5CVSS5.2AI score0.00209EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/27 1:21 p.m.14 views

CVE-2025-53206 WordPress HT Mega – Absolute Addons for WPBakery Page Builder plugin <= 1.0.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HT Plugins HT Mega – Absolute Addons for WPBakery Page Builder ht-mega-for-wpbakery allows Stored XSS.This issue affects HT Mega – Absolute Addons for WPBakery Page Builder: from n/a through = 1.0....

6.5CVSS0.00209EPSS
Exploits0References1
CVE
CVE
added 2025/06/27 1:21 p.m.15 views

CVE-2025-53206

CVE-2025-53206 corresponds to a stored XSS vulnerability in the WordPress plugin HT Mega – Absolute Addons for WPBakery Page Builder . Affected: versions ≤ 1.0.8. Root cause: improper input neutralization during web page generation. Impact per reported CVSS: Network attack, Privileges Required Lo...

6.5CVSS5.9AI score0.00209EPSS
Exploits0References1
Rows per page
Query Builder