Every CVE whose affected-product data names Hasthemes Ht Mega, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (30)
CVE-2023-37999 — CVSS 9.8 (critical): Improper Privilege Management vulnerability in HasThemes HT Mega allows Privilege Escalation.This issue affects HT Mega: from n/a through…
CVE-2024-1974 — CVSS 8.8 (high): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and…
CVE-2023-6214 — CVSS 7.5 (high): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to…
CVE-2023-50901 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HT Mega – Absolute Addons…
CVE-2024-38706 — CVSS 6.5 (medium): Path Traversal: '.../...//' vulnerability in DevItems HT Mega ht-mega-for-elementor.This issue affects HT Mega: from n/a through <= 2.5.7.
CVE-2024-30182 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems HT Mega…
CVE-2024-2084 — CVSS 6.4 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's lightbox…
CVE-2024-2085 — CVSS 6.4 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'size' value in…
CVE-2024-2790 — CVSS 6.4 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Accordion widget in all…
CVE-2025-1261 — CVSS 6.4 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the plugin's…
CVE-2024-3307 — CVSS 6.4 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown widget's…
CVE-2024-3308 — CVSS 6.4 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Grid widget's…
CVE-2024-3989 — CVSS 6.4 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Gallery…
CVE-2024-3990 — CVSS 6.4 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Tooltip & Popover…
CVE-2024-5215 — CVSS 6.4 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all…
CVE-2024-5173 — CVSS 6.4 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Video player widget…
CVE-2024-4876 — CVSS 6.4 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the…
CVE-2025-1802 — CVSS 6.4 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘marker_title’…
CVE-2024-12597 — CVSS 6.4 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'block_css' and…
CVE-2024-12599 — CVSS 6.4 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown…
CVE-2024-1397 — CVSS 6.4 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's blocks in…
CVE-2024-1421 — CVSS 6.4 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘border_type’…
CVE-2021-24261 — CVSS 5.4 (medium): The “HT Mega – Absolute Addons for Elementor Page Builder” WordPress Plugin before 1.5.7 has several widgets that are vulnerable to…
CVE-2024-4875 — CVSS 4.3 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a…
CVE-2024-8910 — CVSS 4.3 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to…
CVE-2024-32782 — CVSS 4.3 (medium): Insertion of Sensitive Information Into Sent Data vulnerability in DevItems HT Mega ht-mega-for-elementor.This issue affects HT Mega: from…
CVE-2023-51529 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Mega – Absolute Addons For Elementor.This issue affects HT Mega –…
CVE-2025-8068 — CVSS 4.3 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to unauthorized modification and loss of data due to an…
CVE-2025-8151 — CVSS 4.3 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including…
CVE-2025-8401 — CVSS 4.3 (medium): The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to…