| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-1974 | HT Mega – Absolute Addons For Elementor <= 2.4.5 - Authenticated (Contributor+) Directory Traversal | devitemsllc | HT Mega Addons for Elementor – Elementor Widgets & Template Builder | High | 8.8 | 2024-04-09 18:58:34 | Deep Dive |
| CVE-2024-1421 | HT Mega – Absolute Addons For Elementor <= 2.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Carousel Widget | devitemsllc | HT Mega Addons for Elementor – Elementor Widgets & Template Builder | Medium | 6.4 | 2024-03-12 22:32:27 | Deep Dive |
| CVE-2024-1397 | HT Mega <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via titleTag | devitemsllc | HT Mega Addons for Elementor – Elementor Widgets & Template Builder | Medium | 6.4 | 2024-03-12 22:32:26 | Deep Dive |
| CVE-2023-51529 | WordPress HT Mega Plugin <= 2.3.3 is vulnerable to Cross Site Request Forgery (CSRF) | HasThemes | HT Mega – Absolute Addons For Elementor | Medium | 4.3 | 2024-02-29 04:45:06 | Deep Dive |
| CVE-2023-50901 | WordPress HT Mega Plugin <= 2.3.8 is vulnerable to Cross Site Scripting (XSS) | HasThemes | HT Mega – Absolute Addons For Elementor | High | 7.1 | 2023-12-29 11:06:05 | Deep Dive |
| CVE-2023-4276 | Absolute Privacy <= 2.1 - Cross-Site Request Forgery to User Email/Password Change | johnkolbert | Absolute Privacy | High | 8.8 | 2023-08-10 06:53:58 | Deep Dive |
| CVE-2021-4426 | Absolute Reviews <= 1.0.8 - Cross-Site Request Forgery Bypass | codesupplyco | Absolute Reviews | Medium | 4.3 | 2023-07-12 07:21:51 | Deep Dive |
| CVE-2021-24261 | HT Mega - Absolute Addons for Elementor Page Builder < 1.5.7 - Contributor+ Stored XSS | Unknown | HT Mega – Absolute Addons for Elementor Page Builder | 中危 | - | 2021-05-05 18:28:46 | Deep Dive |