Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
99 vulnerabilities by HasThemes
CVE-2025-68533 (GCVE-0-2025-68533)
Vulnerability from cvelistv5 – Published: 2025-12-24 12:31 – Updated: 2026-04-01 14:12
VLAI?
Title
WordPress WC Builder plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes WC Builder wc-builder allows Stored XSS.This issue affects WC Builder: from n/a through <= 1.2.0.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HasThemes | WC Builder |
Affected:
0 , ≤ 1.2.0
(custom)
|
Date Public ?
2026-04-01 16:02
Credits
zaim | Patchstack Bug Bounty Program
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-68533",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-24T19:06:48.801437Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-24T19:33:21.875Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wc-builder",
"product": "WC Builder",
"vendor": "HasThemes",
"versions": [
{
"changes": [
{
"at": "1.2.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "zaim | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:02:33.112Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in HasThemes WC Builder wc-builder allows Stored XSS.\u003cp\u003eThis issue affects WC Builder: from n/a through \u003c= 1.2.0.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in HasThemes WC Builder wc-builder allows Stored XSS.This issue affects WC Builder: from n/a through \u003c= 1.2.0."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T14:12:10.703Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/wc-builder/vulnerability/wordpress-wc-builder-plugin-1-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "WordPress WC Builder plugin \u003c= 1.2.0 - Cross Site Scripting (XSS) vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-68533",
"datePublished": "2025-12-24T12:31:26.717Z",
"dateReserved": "2025-12-19T10:17:03.706Z",
"dateUpdated": "2026-04-01T14:12:10.703Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14054 (GCVE-0-2025-14054)
Vulnerability from cvelistv5 – Published: 2025-12-21 02:20 – Updated: 2026-04-08 16:51
VLAI?
Title
WC Builder <= 1.2.0 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via 'heading_color' Shortcode Attribute
Summary
The WC Builder – WooCommerce Page Builder for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'heading_color' parameter (and multiple other styling parameters) of the `wpbforwpbakery_product_additional_information` shortcode in all versions up to, and including, 1.2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Shop Manager-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
4.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| hasthemes | WC Builder – WooCommerce Page Builder for WPBakery |
Affected:
0 , ≤ 1.2.0
(semver)
|
Credits
Djaidja Moundjid
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14054",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-22T20:24:41.657038Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T20:24:48.286Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WC Builder \u2013 WooCommerce Page Builder for WPBakery",
"vendor": "hasthemes",
"versions": [
{
"lessThanOrEqual": "1.2.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Djaidja Moundjid"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WC Builder \u2013 WooCommerce Page Builder for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u0027heading_color\u0027 parameter (and multiple other styling parameters) of the `wpbforwpbakery_product_additional_information` shortcode in all versions up to, and including, 1.2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Shop Manager-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:51:43.741Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4e4fe4b6-cc1e-40be-bd2e-bf2745244892?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wc-builder/trunk/includes/addons/product_additional_information.php#L33"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wc-builder/tags/1.2.0/includes/addons/product_additional_information.php#L33"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3419217/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-12-04T18:07:21.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-12-20T14:13:49.000Z",
"value": "Disclosed"
}
],
"title": "WC Builder \u003c= 1.2.0 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via \u0027heading_color\u0027 Shortcode Attribute"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-14054",
"datePublished": "2025-12-21T02:20:32.034Z",
"dateReserved": "2025-12-04T17:49:44.131Z",
"dateUpdated": "2026-04-08T16:51:43.741Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-64271 (GCVE-0-2025-64271)
Vulnerability from cvelistv5 – Published: 2025-11-13 09:24 – Updated: 2026-04-01 14:10
VLAI?
Title
WordPress WP Plugin Manager plugin <= 1.4.7 - Cross Site Request Forgery (CSRF) vulnerability
Summary
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes WP Plugin Manager wp-plugin-manager allows Cross Site Request Forgery.This issue affects WP Plugin Manager: from n/a through <= 1.4.7.
Severity ?
6.5 (Medium)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HasThemes | WP Plugin Manager |
Affected:
0 , ≤ 1.4.7
(custom)
|
Date Public ?
2026-04-01 16:01
Credits
Mika | Patchstack Bug Bounty Program
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-64271",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T17:57:51.509844Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T17:58:27.770Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-plugin-manager",
"product": "WP Plugin Manager",
"vendor": "HasThemes",
"versions": [
{
"changes": [
{
"at": "1.4.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.4.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mika | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:01:13.430Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in HasThemes WP Plugin Manager wp-plugin-manager allows Cross Site Request Forgery.\u003cp\u003eThis issue affects WP Plugin Manager: from n/a through \u003c= 1.4.7.\u003c/p\u003e"
}
],
"value": "Cross-Site Request Forgery (CSRF) vulnerability in HasThemes WP Plugin Manager wp-plugin-manager allows Cross Site Request Forgery.This issue affects WP Plugin Manager: from n/a through \u003c= 1.4.7."
}
],
"impacts": [
{
"capecId": "CAPEC-62",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Request Forgery"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T14:10:22.118Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/wp-plugin-manager/vulnerability/wordpress-wp-plugin-manager-plugin-1-4-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"
}
],
"title": "WordPress WP Plugin Manager plugin \u003c= 1.4.7 - Cross Site Request Forgery (CSRF) vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-64271",
"datePublished": "2025-11-13T09:24:30.639Z",
"dateReserved": "2025-10-29T03:08:27.751Z",
"dateUpdated": "2026-04-01T14:10:22.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12493 (GCVE-0-2025-12493)
Vulnerability from cvelistv5 – Published: 2025-11-04 11:19 – Updated: 2026-04-08 16:36
VLAI?
Title
ShopLentor <= 3.2.5 - Unauthenticated Local PHP File Inclusion via 'load_template'
Summary
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.2.5 via the 'load_template' function. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.
Severity ?
9.8 (Critical)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| devitemsllc | ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin |
Affected:
0 , ≤ 3.2.5
(semver)
|
Credits
Michael Mazzolini
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12493",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-04T19:34:24.746344Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-04T20:13:56.143Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ShopLentor \u2013 All-in-One WooCommerce Growth \u0026 Store Enhancement Plugin",
"vendor": "devitemsllc",
"versions": [
{
"lessThanOrEqual": "3.2.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Mazzolini"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ShopLentor \u2013 WooCommerce Builder for Elementor \u0026 Gutenberg +21 Modules \u2013 All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.2.5 via the \u0027load_template\u0027 function. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:36:30.320Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/12bb4bb9-e908-43ad-8fb1-59418580f5e1?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woolentor-addons/trunk/includes/addons/product-grid/base/class.product-grid-base.php#L378"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woolentor-addons/trunk/classes/class.ajax_actions.php#L241"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woolentor-addons/trunk/classes/class.ajax_actions.php#L213"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woolentor-addons/trunk/classes/class.ajax_actions.php#L42"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3388234/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-29T20:27:08.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-11-03T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "ShopLentor \u003c= 3.2.5 - Unauthenticated Local PHP File Inclusion via \u0027load_template\u0027"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-12493",
"datePublished": "2025-11-04T11:19:27.403Z",
"dateReserved": "2025-10-29T20:10:08.366Z",
"dateUpdated": "2026-04-08T16:36:30.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11823 (GCVE-0-2025-11823)
Vulnerability from cvelistv5 – Published: 2025-10-25 04:22 – Updated: 2026-04-08 16:44
VLAI?
Title
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution <= 3.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Summary
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'button_exist_text' parameter in the 'wishsuite_button' shortcode in all versions up to, and including, 3.2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
6.4 (Medium)
CWE
- CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| devitemsllc | ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin |
Affected:
0 , ≤ 3.2.4
(semver)
|
Credits
Youcef Hamdani
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-27T15:25:59.055549Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T15:57:18.537Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ShopLentor \u2013 All-in-One WooCommerce Growth \u0026 Store Enhancement Plugin",
"vendor": "devitemsllc",
"versions": [
{
"lessThanOrEqual": "3.2.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Youcef Hamdani"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ShopLentor \u2013 WooCommerce Builder for Elementor \u0026 Gutenberg +21 Modules \u2013 All in One Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u0027button_exist_text\u0027 parameter in the \u0027wishsuite_button\u0027 shortcode in all versions up to, and including, 3.2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:44:09.355Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2d45afd4-9a1f-402c-86e3-8e3d6d7178d3?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woolentor-addons/tags/3.2.2/includes/modules/wishlist/includes/templates/wishsuite-button-exist.php#L1"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woolentor-addons/tags/3.2.2/includes/modules/wishlist/includes/classes/Frontend/Shortcode.php#L107"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-15T18:10:56.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-10-24T15:45:09.000Z",
"value": "Disclosed"
}
],
"title": "ShopLentor \u2013 WooCommerce Builder for Elementor \u0026 Gutenberg +21 Modules \u2013 All in One Solution \u003c= 3.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-11823",
"datePublished": "2025-10-25T04:22:44.973Z",
"dateReserved": "2025-10-15T17:55:27.963Z",
"dateUpdated": "2026-04-08T16:44:09.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-58990 (GCVE-0-2025-58990)
Vulnerability from cvelistv5 – Published: 2025-09-09 16:33 – Updated: 2026-04-01 15:59
VLAI?
Title
WordPress ShopLentor Plugin <= 3.2.0 - Cross Site Scripting (XSS) Vulnerability
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems ShopLentor woolentor-addons allows Stored XSS.This issue affects ShopLentor: from n/a through <= 3.2.0.
Severity ?
No CVSS data available.
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| DevItems | ShopLentor |
Affected:
0 , ≤ 3.2.0
(custom)
|
Date Public ?
2026-04-01 16:42
Credits
Denver Jackson | Patchstack Bug Bounty Program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58990",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-09T17:50:56.994128Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T17:51:40.746Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "woolentor-addons",
"product": "ShopLentor",
"vendor": "DevItems",
"versions": [
{
"changes": [
{
"at": "3.2.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Denver Jackson | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:42:58.441Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in DevItems ShopLentor woolentor-addons allows Stored XSS.\u003cp\u003eThis issue affects ShopLentor: from n/a through \u003c= 3.2.0.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in DevItems ShopLentor woolentor-addons allows Stored XSS.This issue affects ShopLentor: from n/a through \u003c= 3.2.0."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T15:59:17.737Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/woolentor-addons/vulnerability/wordpress-shoplentor-plugin-3-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "WordPress ShopLentor Plugin \u003c= 3.2.0 - Cross Site Scripting (XSS) Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-58990",
"datePublished": "2025-09-09T16:33:07.863Z",
"dateReserved": "2025-09-06T04:45:22.563Z",
"dateUpdated": "2026-04-01T15:59:17.737Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-8068 (GCVE-0-2025-8068)
Vulnerability from cvelistv5 – Published: 2025-07-31 11:19 – Updated: 2026-04-08 17:27
VLAI?
Title
HT Mega – Absolute Addons For Elementor <= 2.9.1 - Improper Authorization to Authenticated (Contributor+) Limited Administrator Actions
Summary
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to unauthorized modification and loss of data due to an improper capability check on the 'ajax_trash_templates' function in all versions up to, and including, 2.9.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary attachment files, and move arbitrary posts, pages, and templates to the Trash.
Severity ?
4.3 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| devitemsllc | HT Mega Addons for Elementor – Elementor Widgets & Template Builder |
Affected:
0 , ≤ 2.9.1
(semver)
|
Credits
wesley
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8068",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-31T13:40:30.757795Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-31T13:41:25.600Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HT Mega Addons for Elementor \u2013 Elementor Widgets \u0026 Template Builder",
"vendor": "devitemsllc",
"versions": [
{
"lessThanOrEqual": "2.9.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wesley"
}
],
"descriptions": [
{
"lang": "en",
"value": "The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress is vulnerable to unauthorized modification and loss of data due to an improper capability check on the \u0027ajax_trash_templates\u0027 function in all versions up to, and including, 2.9.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary attachment files, and move arbitrary posts, pages, and templates to the Trash."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:27:13.733Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d9cf6dae-572f-4eaa-8e8a-bca9e74fe738?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/ht-mega-for-elementor/tags/2.9.0/admin/include/class.theme-builder.php#L625"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3336533/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-22T23:48:56.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-07-30T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "HT Mega \u2013 Absolute Addons For Elementor \u003c= 2.9.1 - Improper Authorization to Authenticated (Contributor+) Limited Administrator Actions"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-8068",
"datePublished": "2025-07-31T11:19:13.164Z",
"dateReserved": "2025-07-22T23:11:56.008Z",
"dateUpdated": "2026-04-08T17:27:13.733Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-8401 (GCVE-0-2025-8401)
Vulnerability from cvelistv5 – Published: 2025-07-31 11:19 – Updated: 2026-04-08 17:10
VLAI?
Title
HT Mega – Absolute Addons For Elementor <= 2.9.1 - Authenticated (Author+) Sensitive Information Exposure
Summary
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.1 via the 'get_post_data' function. This makes it possible for authenticated attackers, with Author-level access and above, to extract sensitive data including the content of private, password-protected, and draft posts and pages.
Severity ?
4.3 (Medium)
CWE
- CWE-285 - Improper Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| devitemsllc | HT Mega Addons for Elementor – Elementor Widgets & Template Builder |
Affected:
0 , ≤ 2.9.1
(semver)
|
Credits
wesley
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8401",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-31T14:07:05.907615Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-31T14:09:28.317Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HT Mega Addons for Elementor \u2013 Elementor Widgets \u0026 Template Builder",
"vendor": "devitemsllc",
"versions": [
{
"lessThanOrEqual": "2.9.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wesley"
}
],
"descriptions": [
{
"lang": "en",
"value": "The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.1 via the \u0027get_post_data\u0027 function. This makes it possible for authenticated attackers, with Author-level access and above, to extract sensitive data including the content of private, password-protected, and draft posts and pages."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285 Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:10:01.120Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9540b339-3386-4ee8-8141-acb9f3d83772?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/ht-mega-for-elementor/tags/2.9.1/htmega-blocks/includes/classes/Manage_Styles.php#L99"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3336533/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-24T23:25:34.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-07-30T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "HT Mega \u2013 Absolute Addons For Elementor \u003c= 2.9.1 - Authenticated (Author+) Sensitive Information Exposure"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-8401",
"datePublished": "2025-07-31T11:19:12.771Z",
"dateReserved": "2025-07-30T22:55:56.638Z",
"dateUpdated": "2026-04-08T17:10:01.120Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-8151 (GCVE-0-2025-8151)
Vulnerability from cvelistv5 – Published: 2025-07-31 11:19 – Updated: 2026-04-08 16:58
VLAI?
Title
HT Mega – Absolute Addons For Elementor <= 2.9.1 - Authenticated (Author+) Path Traversal to Limited Arbitrary CSS File Actions
Summary
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.9.1 via the 'save_block_css' function. This makes it possible for authenticated attackers, with Author-level access and above, to create CSS files in any directory, and delete CSS files in any directory in a Windows environment.
Severity ?
4.3 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| devitemsllc | HT Mega Addons for Elementor – Elementor Widgets & Template Builder |
Affected:
0 , ≤ 2.9.1
(semver)
|
Credits
wesley
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8151",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-31T14:10:08.667659Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-31T14:11:33.243Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HT Mega Addons for Elementor \u2013 Elementor Widgets \u0026 Template Builder",
"vendor": "devitemsllc",
"versions": [
{
"lessThanOrEqual": "2.9.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wesley"
}
],
"descriptions": [
{
"lang": "en",
"value": "The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.9.1 via the \u0027save_block_css\u0027 function. This makes it possible for authenticated attackers, with Author-level access and above, to create CSS files in any directory, and delete CSS files in any directory in a Windows environment."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:58:59.318Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6b3e93bf-af5c-4ca3-a531-2d91df880c51?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/ht-mega-for-elementor/tags/2.9.1/htmega-blocks/includes/classes/Manage_Styles.php#L118"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3336533/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-24T23:25:38.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-07-30T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "HT Mega \u2013 Absolute Addons For Elementor \u003c= 2.9.1 - Authenticated (Author+) Path Traversal to Limited Arbitrary CSS File Actions"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-8151",
"datePublished": "2025-07-31T11:19:12.200Z",
"dateReserved": "2025-07-24T23:07:55.088Z",
"dateUpdated": "2026-04-08T16:58:59.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-7340 (GCVE-0-2025-7340)
Vulnerability from cvelistv5 – Published: 2025-07-15 04:23 – Updated: 2026-04-08 17:32
VLAI?
Title
HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. <= 2.2.1 - Unauthenticated Arbitrary File Upload
Summary
The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the temp_file_upload() function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity ?
9.8 (Critical)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| htplugins | HT Contact Form – Drag & Drop Form Builder for WordPress |
Affected:
0 , ≤ 2.2.1
(semver)
|
Credits
vgo0
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7340",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-15T13:30:48.942765Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-15T13:31:06.438Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HT Contact Form \u2013 Drag \u0026 Drop Form Builder for WordPress",
"vendor": "htplugins",
"versions": [
{
"lessThanOrEqual": "2.2.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "vgo0"
}
],
"descriptions": [
{
"lang": "en",
"value": "The HT Contact Form Widget For Elementor Page Builder \u0026 Gutenberg Blocks \u0026 Form Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the temp_file_upload() function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:32:19.145Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f0cb666b-bfab-492f-a74e-11dc9b171136?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/ht-contactform/trunk/admin/Includes/Services/FileManager.php#L86"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3326887/ht-contactform/trunk/admin/Includes/Services/FileManager.php?contextall=1\u0026old=3316109\u0026old_path=%2Fht-contactform%2Ftrunk%2Fadmin%2FIncludes%2FServices%2FFileManager.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-09T05:23:45.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-07-14T15:59:03.000Z",
"value": "Disclosed"
}
],
"title": "HT Contact Form Widget For Elementor Page Builder \u0026 Gutenberg Blocks \u0026 Form Builder. \u003c= 2.2.1 - Unauthenticated Arbitrary File Upload"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-7340",
"datePublished": "2025-07-15T04:23:42.345Z",
"dateReserved": "2025-07-07T20:29:32.034Z",
"dateUpdated": "2026-04-08T17:32:19.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-7360 (GCVE-0-2025-7360)
Vulnerability from cvelistv5 – Published: 2025-07-15 04:23 – Updated: 2026-04-08 17:27
VLAI?
Title
HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. <= 2.2.1 - Directory Traversal to Arbitrary File Move
Summary
The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation in the handle_files_upload() function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to move arbitrary files on the server, which can easily lead to remote code execution when the right file is moved (such as wp-config.php).
Severity ?
9.1 (Critical)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| htplugins | HT Contact Form – Drag & Drop Form Builder for WordPress |
Affected:
0 , ≤ 2.2.1
(semver)
|
Credits
Nguyen Tan Phat
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7360",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-15T13:31:45.311016Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-15T13:32:00.345Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HT Contact Form \u2013 Drag \u0026 Drop Form Builder for WordPress",
"vendor": "htplugins",
"versions": [
{
"lessThanOrEqual": "2.2.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nguyen Tan Phat"
}
],
"descriptions": [
{
"lang": "en",
"value": "The HT Contact Form Widget For Elementor Page Builder \u0026 Gutenberg Blocks \u0026 Form Builder plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation in the handle_files_upload() function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to move arbitrary files on the server, which can easily lead to remote code execution when the right file is moved (such as wp-config.php)."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:27:59.680Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dd42c83c-c51c-45a5-8ad5-0df2c0cc411d?source=cve"
},
{
"url": "https://wordpress.org/plugins/ht-contactform/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3326887/ht-contactform/trunk/admin/Includes/Api/Endpoints/Submission.php?contextall=1\u0026old=3316109\u0026old_path=%2Fht-contactform%2Ftrunk%2Fadmin%2FIncludes%2FApi%2FEndpoints%2FSubmission.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-09T05:23:45.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-07-14T15:58:43.000Z",
"value": "Disclosed"
}
],
"title": "HT Contact Form Widget For Elementor Page Builder \u0026 Gutenberg Blocks \u0026 Form Builder. \u003c= 2.2.1 - Directory Traversal to Arbitrary File Move"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-7360",
"datePublished": "2025-07-15T04:23:41.923Z",
"dateReserved": "2025-07-08T16:10:04.994Z",
"dateUpdated": "2026-04-08T17:27:59.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-7341 (GCVE-0-2025-7341)
Vulnerability from cvelistv5 – Published: 2025-07-15 04:23 – Updated: 2026-04-08 16:45
VLAI?
Title
HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. <= 2.2.1 - Unauthenticated Arbitrary File Deletion
Summary
The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the temp_file_delete() function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
Severity ?
9.1 (Critical)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| htplugins | HT Contact Form – Drag & Drop Form Builder for WordPress |
Affected:
0 , ≤ 2.2.1
(semver)
|
Credits
vgo0
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7341",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-15T13:35:11.010711Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-15T13:35:24.727Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HT Contact Form \u2013 Drag \u0026 Drop Form Builder for WordPress",
"vendor": "htplugins",
"versions": [
{
"lessThanOrEqual": "2.2.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "vgo0"
}
],
"descriptions": [
{
"lang": "en",
"value": "The HT Contact Form Widget For Elementor Page Builder \u0026 Gutenberg Blocks \u0026 Form Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the temp_file_delete() function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php)."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:45:25.485Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/32da04ba-bee3-4fd3-b91b-57e588d5f4e4?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/ht-contactform/trunk/admin/Includes/Services/FileManager.php#L107"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3326887/ht-contactform/trunk/admin/Includes/Ajax.php?contextall=1\u0026old=3316109\u0026old_path=%2Fht-contactform%2Ftrunk%2Fadmin%2FIncludes%2FAjax.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-09T05:23:45.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-07-14T15:58:21.000Z",
"value": "Disclosed"
}
],
"title": "HT Contact Form Widget For Elementor Page Builder \u0026 Gutenberg Blocks \u0026 Form Builder. \u003c= 2.2.1 - Unauthenticated Arbitrary File Deletion"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-7341",
"datePublished": "2025-07-15T04:23:40.839Z",
"dateReserved": "2025-07-07T20:52:52.019Z",
"dateUpdated": "2026-04-08T16:45:25.485Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-3775 (GCVE-0-2025-3775)
Vulnerability from cvelistv5 – Published: 2025-04-25 04:23 – Updated: 2026-04-08 16:51
VLAI?
Title
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) <= 3.1.2 - Unauthenticated Server-Side Request Forgery via URL Parameter
Summary
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.2 via the woolentor_template_proxy function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application, and can be used to query and modify information from internal services.
Severity ?
6.5 (Medium)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| devitemsllc | ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin |
Affected:
0 , ≤ 3.1.2
(semver)
|
Credits
Michael Mazzolini
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3775",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-25T15:10:15.932569Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T15:10:35.126Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ShopLentor \u2013 All-in-One WooCommerce Growth \u0026 Store Enhancement Plugin",
"vendor": "devitemsllc",
"versions": [
{
"lessThanOrEqual": "3.1.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Mazzolini"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ShopLentor \u2013 WooCommerce Builder for Elementor \u0026 Gutenberg +20 Modules \u2013 All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.2 via the woolentor_template_proxy function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application, and can be used to query and modify information from internal services."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:51:38.675Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4dfc28ec-1411-43c3-833e-a6c85a3ed767?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woolentor-addons/tags/3.1.2/includes/admin-panel/includes/classes/Admin.php#L71"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-04-17T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-04-24T16:21:41.000Z",
"value": "Disclosed"
}
],
"title": "ShopLentor \u2013 WooCommerce Builder for Elementor \u0026 Gutenberg +20 Modules \u2013 All in One Solution (formerly WooLentor) \u003c= 3.1.2 - Unauthenticated Server-Side Request Forgery via URL Parameter"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-3775",
"datePublished": "2025-04-25T04:23:04.940Z",
"dateReserved": "2025-04-17T16:40:43.199Z",
"dateUpdated": "2026-04-08T16:51:38.675Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-2719 (GCVE-0-2025-2719)
Vulnerability from cvelistv5 – Published: 2025-04-10 07:02 – Updated: 2025-04-10 13:36
VLAI?
Title
Swatchly – WooCommerce Variation Swatches for Products (product attributes: Image swatch, Color swatches, Label swatches) 1.2.8 - 1.4.0 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update
Summary
The Swatchly – WooCommerce Variation Swatches for Products (product attributes: Image swatch, Color swatches, Label swatches) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_dismiss function in versions 1.2.8 to 1.4.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update option values to 1/true on the WordPress site. This can be leveraged to update an option that would create an error on the site and deny access to legitimate users or be used to set some values to true, such as registration.
Severity ?
6.5 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| hasthemes | Swatchly – WooCommerce Variation Swatches for Products (product attributes: Image swatch, Color swatches, Label swatches) |
Affected:
1.2.8 , ≤ 1.4.0
(semver)
|
Credits
Kenneth Dunn
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2719",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-10T13:35:41.791126Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-10T13:36:01.911Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Swatchly \u2013 WooCommerce Variation Swatches for Products (product attributes: Image swatch, Color swatches, Label swatches)",
"vendor": "hasthemes",
"versions": [
{
"lessThanOrEqual": "1.4.0",
"status": "affected",
"version": "1.2.8",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Kenneth Dunn"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Swatchly \u2013 WooCommerce Variation Swatches for Products (product attributes: Image swatch, Color swatches, Label swatches) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_dismiss function in versions 1.2.8 to 1.4.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update option values to 1/true on the WordPress site. This can be leveraged to update an option that would create an error on the site and deny access to legitimate users or be used to set some values to true, such as registration."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-10T07:02:39.962Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/39336115-5993-49e1-b810-80a712e8e42b?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/swatchly/tags/1.2.8/includes/Admin/Notices.php#L59"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-18T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-04-09T18:09:21.000Z",
"value": "Disclosed"
}
],
"title": "Swatchly \u2013 WooCommerce Variation Swatches for Products (product attributes: Image swatch, Color swatches, Label swatches) 1.2.8 - 1.4.0 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-2719",
"datePublished": "2025-04-10T07:02:39.962Z",
"dateReserved": "2025-03-24T12:07:41.833Z",
"dateUpdated": "2025-04-10T13:36:01.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1802 (GCVE-0-2025-1802)
Vulnerability from cvelistv5 – Published: 2025-03-20 11:11 – Updated: 2026-04-08 16:58
VLAI?
Title
HT Mega – Absolute Addons For Elementor <= 2.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
Summary
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘marker_title’, 'notification_content', and 'stt_button_text' parameters in all versions up to, and including, 2.8.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability was partially patched in version 2.8.3.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| devitemsllc | HT Mega Addons for Elementor – Elementor Widgets & Template Builder |
Affected:
0 , ≤ 2.8.3
(semver)
|
Credits
D.Sim
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1802",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T13:11:48.467363Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T13:12:57.440Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HT Mega Addons for Elementor \u2013 Elementor Widgets \u0026 Template Builder",
"vendor": "devitemsllc",
"versions": [
{
"lessThanOrEqual": "2.8.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "D.Sim"
}
],
"descriptions": [
{
"lang": "en",
"value": "The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018marker_title\u2019, \u0027notification_content\u0027, and \u0027stt_button_text\u0027 parameters in all versions up to, and including, 2.8.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability was partially patched in version 2.8.3."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:58:26.689Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/68530904-22d2-4228-b9f2-76f5ee1fd541?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/ht-mega-for-elementor/trunk/extensions/scroll-to-top/assets/js/htmega-scroll-to-top.js"
},
{
"url": "https://plugins.trac.wordpress.org/browser/ht-mega-for-elementor/trunk/includes/widgets/htmega_googlemap.php"
},
{
"url": "https://plugins.trac.wordpress.org/browser/ht-mega-for-elementor/trunk/includes/widgets/htmega_notify.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3249106/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3257530/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-19T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "HT Mega \u2013 Absolute Addons For Elementor \u003c= 2.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-1802",
"datePublished": "2025-03-20T11:11:27.417Z",
"dateReserved": "2025-02-28T23:31:37.947Z",
"dateUpdated": "2026-04-08T16:58:26.689Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-1527 (GCVE-0-2025-1527)
Vulnerability from cvelistv5 – Published: 2025-03-12 11:13 – Updated: 2026-04-08 17:25
VLAI?
Title
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) <= 3.1.0 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Flash Sale Countdown Module
Summary
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to a Stored DOM-Based Cross-Site Scripting via the plugin's Flash Sale Countdown module in all versions up to, and including, 3.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| devitemsllc | ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin |
Affected:
0 , ≤ 3.1.0
(semver)
|
Credits
Craig Smith
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1527",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-12T14:10:07.817704Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T14:10:20.904Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ShopLentor \u2013 All-in-One WooCommerce Growth \u0026 Store Enhancement Plugin",
"vendor": "devitemsllc",
"versions": [
{
"lessThanOrEqual": "3.1.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Craig Smith"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ShopLentor \u2013 WooCommerce Builder for Elementor \u0026 Gutenberg +20 Modules \u2013 All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to a Stored DOM-Based Cross-Site Scripting via the plugin\u0027s Flash Sale Countdown module in all versions up to, and including, 3.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:25:32.681Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d3405b50-a3f0-4280-8a34-ed86ce3d4db4?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3253711/woolentor-addons/trunk/includes/modules/flash-sale/assets/js/flash-sale.js"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-20T00:00:00.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-03-11T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "ShopLentor \u2013 WooCommerce Builder for Elementor \u0026 Gutenberg +20 Modules \u2013 All in One Solution (formerly WooLentor) \u003c= 3.1.0 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Flash Sale Countdown Module"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-1527",
"datePublished": "2025-03-12T11:13:32.596Z",
"dateReserved": "2025-02-20T21:42:27.209Z",
"dateUpdated": "2026-04-08T17:25:32.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-1261 (GCVE-0-2025-1261)
Vulnerability from cvelistv5 – Published: 2025-03-08 01:44 – Updated: 2026-04-08 17:29
VLAI?
Title
HT Mega – Absolute Addons For Elementor <= 2.8.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Countdown Widget
Summary
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 2.8.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. NOTE: This vulnerability exists due to an incomplete fix for CVE-2024-3307.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| devitemsllc | HT Mega Addons for Elementor – Elementor Widgets & Template Builder |
Affected:
0 , ≤ 2.8.2
(semver)
|
Credits
Craig Smith
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1261",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T16:06:29.659557Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T16:06:36.504Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HT Mega Addons for Elementor \u2013 Elementor Widgets \u0026 Template Builder",
"vendor": "devitemsllc",
"versions": [
{
"lessThanOrEqual": "2.8.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Craig Smith"
}
],
"descriptions": [
{
"lang": "en",
"value": "The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the plugin\u0027s Countdown widget in all versions up to, and including, 2.8.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. NOTE: This vulnerability exists due to an incomplete fix for CVE-2024-3307."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:29:50.857Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e553135d-88e0-4840-99ad-9514c2243b7d?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3249106/ht-mega-for-elementor/tags/2.8.3/assets/js/htmega-widgets-active.js"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-12T00:00:00.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-03-07T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "HT Mega \u2013 Absolute Addons For Elementor \u003c= 2.8.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Countdown Widget"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-1261",
"datePublished": "2025-03-08T01:44:27.321Z",
"dateReserved": "2025-02-12T20:06:58.478Z",
"dateUpdated": "2026-04-08T17:29:50.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-26917 (GCVE-0-2025-26917)
Vulnerability from cvelistv5 – Published: 2025-03-03 13:30 – Updated: 2026-04-01 15:45
VLAI?
Title
WordPress WP Templata plugin <= 1.0.7 - Reflected Cross Site Scripting (XSS) vulnerability
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes WP Templata wptemplata allows Reflected XSS.This issue affects WP Templata: from n/a through <= 1.0.7.
Severity ?
No CVSS data available.
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HasThemes | WP Templata |
Affected:
0 , ≤ 1.0.7
(custom)
|
Date Public ?
2026-04-01 16:35
Credits
Trương Hữu Phúc (truonghuuphuc) | Patchstack Bug Bounty Program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-26917",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-03T15:14:01.334567Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-03T15:14:10.781Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wptemplata",
"product": "WP Templata",
"vendor": "HasThemes",
"versions": [
{
"changes": [
{
"at": "1.0.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tr\u01b0\u01a1ng H\u1eefu Ph\u00fac (truonghuuphuc) | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:35:23.448Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in HasThemes WP Templata wptemplata allows Reflected XSS.\u003cp\u003eThis issue affects WP Templata: from n/a through \u003c= 1.0.7.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in HasThemes WP Templata wptemplata allows Reflected XSS.This issue affects WP Templata: from n/a through \u003c= 1.0.7."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "Reflected XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T15:45:43.737Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/wptemplata/vulnerability/wordpress-wp-templata-plugin-1-0-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "WordPress WP Templata plugin \u003c= 1.0.7 - Reflected Cross Site Scripting (XSS) vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-26917",
"datePublished": "2025-03-03T13:30:41.212Z",
"dateReserved": "2025-02-17T11:51:01.643Z",
"dateUpdated": "2026-04-01T15:45:43.737Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-12599 (GCVE-0-2024-12599)
Vulnerability from cvelistv5 – Published: 2025-02-11 04:21 – Updated: 2026-04-08 16:41
VLAI?
Title
HT Mega – Absolute Addons For Elementor <= 2.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget
Summary
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 2.8.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| devitemsllc | HT Mega Addons for Elementor – Elementor Widgets & Template Builder |
Affected:
0 , ≤ 2.8.1
(semver)
|
Credits
D.Sim
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12599",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-11T05:11:07.600429Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T17:52:52.810Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HT Mega Addons for Elementor \u2013 Elementor Widgets \u0026 Template Builder",
"vendor": "devitemsllc",
"versions": [
{
"lessThanOrEqual": "2.8.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "D.Sim"
}
],
"descriptions": [
{
"lang": "en",
"value": "The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s Countdown widget in all versions up to, and including, 2.8.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:41:17.008Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/20a67cde-612a-4c57-83d6-a5d8f3716a2d?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3234495/ht-mega-for-elementor"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-12-12T00:00:00.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-02-10T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "HT Mega \u2013 Absolute Addons For Elementor \u003c= 2.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-12599",
"datePublished": "2025-02-11T04:21:22.020Z",
"dateReserved": "2024-12-12T22:58:45.981Z",
"dateUpdated": "2026-04-08T16:41:17.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-12597 (GCVE-0-2024-12597)
Vulnerability from cvelistv5 – Published: 2025-02-04 06:41 – Updated: 2026-04-08 16:37
VLAI?
Title
HT Mega <= 2.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via block_css and inner_css
Summary
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'block_css' and 'inner_css' parameters in all versions up to, and including, 2.7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| devitemsllc | HT Mega Addons for Elementor – Elementor Widgets & Template Builder |
Affected:
0 , ≤ 2.7.6
(semver)
|
Credits
Sean Murphy
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12597",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T15:43:24.548284Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T15:43:29.254Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HT Mega Addons for Elementor \u2013 Elementor Widgets \u0026 Template Builder",
"vendor": "devitemsllc",
"versions": [
{
"lessThanOrEqual": "2.7.6",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sean Murphy"
}
],
"descriptions": [
{
"lang": "en",
"value": "The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u0027block_css\u0027 and \u0027inner_css\u0027 parameters in all versions up to, and including, 2.7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:37:32.183Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17f12e75-0bb6-48ed-9ba2-17caab268d61?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3209697/ht-mega-for-elementor"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-12-12T00:00:00.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-02-03T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "HT Mega \u003c= 2.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via block_css and inner_css"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-12597",
"datePublished": "2025-02-04T06:41:53.233Z",
"dateReserved": "2024-12-12T22:19:47.462Z",
"dateUpdated": "2026-04-08T16:37:32.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-24695 (GCVE-0-2025-24695)
Vulnerability from cvelistv5 – Published: 2025-01-24 17:24 – Updated: 2026-04-01 15:44
VLAI?
Title
WordPress Extensions For CF7 Plugin <= 3.2.0 - Server Side Request Forgery (SSRF) vulnerability
Summary
Server-Side Request Forgery (SSRF) vulnerability in HT Plugins Extensions For CF7 extensions-for-cf7 allows Server Side Request Forgery.This issue affects Extensions For CF7: from n/a through <= 3.2.0.
Severity ?
No CVSS data available.
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HT Plugins | Extensions For CF7 |
Affected:
0 , ≤ 3.2.0
(custom)
|
Date Public ?
2026-04-01 16:34
Credits
Marek Mikita | Patchstack Bug Bounty Program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24695",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-24T17:56:29.815859Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:01:18.547Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "extensions-for-cf7",
"product": "Extensions For CF7",
"vendor": "HT Plugins",
"versions": [
{
"changes": [
{
"at": "3.2.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marek Mikita | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:34:38.150Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Server-Side Request Forgery (SSRF) vulnerability in HT Plugins Extensions For CF7 extensions-for-cf7 allows Server Side Request Forgery.\u003cp\u003eThis issue affects Extensions For CF7: from n/a through \u003c= 3.2.0.\u003c/p\u003e"
}
],
"value": "Server-Side Request Forgery (SSRF) vulnerability in HT Plugins Extensions For CF7 extensions-for-cf7 allows Server Side Request Forgery.This issue affects Extensions For CF7: from n/a through \u003c= 3.2.0."
}
],
"impacts": [
{
"capecId": "CAPEC-664",
"descriptions": [
{
"lang": "en",
"value": "Server Side Request Forgery"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T15:44:31.356Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/extensions-for-cf7/vulnerability/wordpress-extensions-for-cf7-plugin-3-2-0-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"
}
],
"title": "WordPress Extensions For CF7 Plugin \u003c= 3.2.0 - Server Side Request Forgery (SSRF) vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-24695",
"datePublished": "2025-01-24T17:24:56.863Z",
"dateReserved": "2025-01-23T14:52:23.104Z",
"dateUpdated": "2026-04-01T15:44:31.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-22801 (GCVE-0-2025-22801)
Vulnerability from cvelistv5 – Published: 2025-01-09 15:39 – Updated: 2026-04-01 15:41
VLAI?
Title
WordPress Free WooCommerce Theme 99fy Extension plugin <= 1.2.8 - Cross Site Scripting (XSS) vulnerability
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes Free WooCommerce Theme 99fy Extension 99fy-core allows Stored XSS.This issue affects Free WooCommerce Theme 99fy Extension: from n/a through <= 1.2.8.
Severity ?
No CVSS data available.
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HasThemes | Free WooCommerce Theme 99fy Extension |
Affected:
0 , ≤ 1.2.8
(custom)
|
Date Public ?
2026-04-01 16:32
Credits
João Pedro S Alcântara (Kinorth) | Patchstack Bug Bounty Program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22801",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-10T20:18:26.461783Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T20:41:51.405Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "99fy-core",
"product": "Free WooCommerce Theme 99fy Extension",
"vendor": "HasThemes",
"versions": [
{
"changes": [
{
"at": "1.2.9",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.2.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jo\u00e3o Pedro S Alc\u00e2ntara (Kinorth) | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:32:03.162Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in HasThemes Free WooCommerce Theme 99fy Extension 99fy-core allows Stored XSS.\u003cp\u003eThis issue affects Free WooCommerce Theme 99fy Extension: from n/a through \u003c= 1.2.8.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in HasThemes Free WooCommerce Theme 99fy Extension 99fy-core allows Stored XSS.This issue affects Free WooCommerce Theme 99fy Extension: from n/a through \u003c= 1.2.8."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T15:41:52.907Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/99fy-core/vulnerability/wordpress-free-woocommerce-theme-99fy-extension-plugin-1-2-8-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "WordPress Free WooCommerce Theme 99fy Extension plugin \u003c= 1.2.8 - Cross Site Scripting (XSS) vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-22801",
"datePublished": "2025-01-09T15:39:21.237Z",
"dateReserved": "2025-01-07T21:05:34.184Z",
"dateUpdated": "2026-04-01T15:41:52.907Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-51673 (GCVE-0-2024-51673)
Vulnerability from cvelistv5 – Published: 2024-11-09 13:05 – Updated: 2026-04-01 15:37
VLAI?
Title
WordPress HT Politic plugin <= 2.4.4 - Cross Site Scripting (XSS) vulnerability
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems HT Politic wp-politic allows DOM-Based XSS.This issue affects HT Politic: from n/a through <= 2.4.4.
Severity ?
No CVSS data available.
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| DevItems | HT Politic |
Affected:
0 , ≤ 2.4.4
(custom)
|
Date Public ?
2026-04-01 16:29
Credits
Abu Hurayra | Patchstack Bug Bounty Program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-51673",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-09T15:21:49.815722Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-09T15:22:09.685Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-politic",
"product": "HT Politic",
"vendor": "DevItems",
"versions": [
{
"changes": [
{
"at": "2.4.5",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.4.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abu Hurayra | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:29:13.941Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in DevItems HT Politic wp-politic allows DOM-Based XSS.\u003cp\u003eThis issue affects HT Politic: from n/a through \u003c= 2.4.4.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in DevItems HT Politic wp-politic allows DOM-Based XSS.This issue affects HT Politic: from n/a through \u003c= 2.4.4."
}
],
"impacts": [
{
"capecId": "CAPEC-588",
"descriptions": [
{
"lang": "en",
"value": "DOM-Based XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T15:37:39.637Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/wp-politic/vulnerability/wordpress-ht-politic-plugin-2-4-4-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "WordPress HT Politic plugin \u003c= 2.4.4 - Cross Site Scripting (XSS) vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-51673",
"datePublished": "2024-11-09T13:05:06.277Z",
"dateReserved": "2024-10-30T15:05:38.836Z",
"dateUpdated": "2026-04-01T15:37:39.637Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-51682 (GCVE-0-2024-51682)
Vulnerability from cvelistv5 – Published: 2024-11-04 14:12 – Updated: 2026-04-01 15:37
VLAI?
Title
WordPress HT Builder – WordPress Theme Builder for Elementor plugin <= 1.3.0 - Stored Cross Site Scripting (XSS) vulnerability
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HT Builder – WordPress Theme Builder for Elementor ht-builder allows Stored XSS.This issue affects HT Builder – WordPress Theme Builder for Elementor: from n/a through <= 1.3.0.
Severity ?
No CVSS data available.
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HasThemes | HT Builder – WordPress Theme Builder for Elementor |
Affected:
0 , ≤ 1.3.0
(custom)
|
Date Public ?
2026-04-01 16:29
Credits
Gab | Patchstack Bug Bounty Program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-51682",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-04T15:23:28.398483Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T15:23:38.390Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "ht-builder",
"product": "HT Builder \u2013 WordPress Theme Builder for Elementor",
"vendor": "HasThemes",
"versions": [
{
"changes": [
{
"at": "1.3.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gab | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:29:15.295Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in HasThemes HT Builder \u2013 WordPress Theme Builder for Elementor ht-builder allows Stored XSS.\u003cp\u003eThis issue affects HT Builder \u2013 WordPress Theme Builder for Elementor: from n/a through \u003c= 1.3.0.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in HasThemes HT Builder \u2013 WordPress Theme Builder for Elementor ht-builder allows Stored XSS.This issue affects HT Builder \u2013 WordPress Theme Builder for Elementor: from n/a through \u003c= 1.3.0."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T15:37:41.972Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/ht-builder/vulnerability/wordpress-ht-builder-wordpress-theme-builder-for-elementor-plugin-1-3-0-stored-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "WordPress HT Builder \u2013 WordPress Theme Builder for Elementor plugin \u003c= 1.3.0 - Stored Cross Site Scripting (XSS) vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-51682",
"datePublished": "2024-11-04T14:12:39.520Z",
"dateReserved": "2024-10-30T15:05:46.518Z",
"dateUpdated": "2026-04-01T15:37:41.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-49630 (GCVE-0-2024-49630)
Vulnerability from cvelistv5 – Published: 2024-10-20 07:48 – Updated: 2026-04-01 15:36
VLAI?
Title
WordPress WP Education for Elementor plugin <= 1.2.8 - Stored Cross Site Scripting (XSS) vulnerability
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems WP Education wp-education allows Stored XSS.This issue affects WP Education: from n/a through <= 1.2.8.
Severity ?
No CVSS data available.
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| DevItems | WP Education |
Affected:
0 , ≤ 1.2.8
(custom)
|
Date Public ?
2026-04-01 16:28
Credits
Gab | Patchstack Bug Bounty Program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49630",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-20T13:35:00.641263Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-21T11:40:50.922Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-education",
"product": "WP Education",
"vendor": "DevItems",
"versions": [
{
"changes": [
{
"at": "1.2.9",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.2.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gab | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:28:15.282Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in DevItems WP Education wp-education allows Stored XSS.\u003cp\u003eThis issue affects WP Education: from n/a through \u003c= 1.2.8.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in DevItems WP Education wp-education allows Stored XSS.This issue affects WP Education: from n/a through \u003c= 1.2.8."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T15:36:25.037Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/wp-education/vulnerability/wordpress-wp-education-for-elementor-plugin-1-2-8-stored-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "WordPress WP Education for Elementor plugin \u003c= 1.2.8 - Stored Cross Site Scripting (XSS) vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-49630",
"datePublished": "2024-10-20T07:48:27.717Z",
"dateReserved": "2024-10-17T09:51:28.653Z",
"dateUpdated": "2026-04-01T15:36:25.037Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-9538 (GCVE-0-2024-9538)
Vulnerability from cvelistv5 – Published: 2024-10-11 11:01 – Updated: 2026-04-08 16:58
VLAI?
Title
ShopLentor <= 2.9.8 - Authenticated (Contributor+) Sensitive Information Exposure via WL: FAQ Widget Elementor Template
Summary
The ShopLentor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.8 via the 'render' function in includes/addons/wl_faq.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft Elementor template data.
Severity ?
4.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| devitemsllc | ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin |
Affected:
0 , ≤ 2.9.8
(semver)
|
Credits
Ankit Patel
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9538",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-11T14:43:41.587160Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-11T14:43:54.858Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ShopLentor \u2013 All-in-One WooCommerce Growth \u0026 Store Enhancement Plugin",
"vendor": "devitemsllc",
"versions": [
{
"lessThanOrEqual": "2.9.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ankit Patel"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ShopLentor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.8 via the \u0027render\u0027 function in includes/addons/wl_faq.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft Elementor template data."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:58:58.869Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6b36938e-5333-4331-9bb1-34465fe03f2f?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3164057/woolentor-addons"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-10-04T00:00:00.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2024-10-10T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "ShopLentor \u003c= 2.9.8 - Authenticated (Contributor+) Sensitive Information Exposure via WL: FAQ Widget Elementor Template"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-9538",
"datePublished": "2024-10-11T11:01:55.139Z",
"dateReserved": "2024-10-04T17:58:41.486Z",
"dateUpdated": "2026-04-08T16:58:58.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-8910 (GCVE-0-2024-8910)
Vulnerability from cvelistv5 – Published: 2024-09-25 06:48 – Updated: 2026-04-08 16:34
VLAI?
Title
HT Mega – Absolute Addons For Elementor <= 2.6.5 - Authenticated (Contributor+) Sensitive Information Exposure via template_id
Summary
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.5 via the render function in includes/widgets/htmega_accordion.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data.
Severity ?
4.3 (Medium)
CWE
- CWE-1230 - Exposure of Sensitive Information Through Metadata
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| devitemsllc | HT Mega Addons for Elementor – Elementor Widgets & Template Builder |
Affected:
0 , ≤ 2.6.5
(semver)
|
Credits
Ankit Patel
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8910",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T13:10:43.141102Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T13:26:21.429Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HT Mega Addons for Elementor \u2013 Elementor Widgets \u0026 Template Builder",
"vendor": "devitemsllc",
"versions": [
{
"lessThanOrEqual": "2.6.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ankit Patel"
}
],
"descriptions": [
{
"lang": "en",
"value": "The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.5 via the render function in includes/widgets/htmega_accordion.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1230",
"description": "CWE-1230 Exposure of Sensitive Information Through Metadata",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:34:34.405Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/09fb88e4-4846-40d3-8a79-a6a867bfb59f?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3156058/ht-mega-for-elementor"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-09-17T00:00:00.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2024-09-24T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "HT Mega \u2013 Absolute Addons For Elementor \u003c= 2.6.5 - Authenticated (Contributor+) Sensitive Information Exposure via template_id"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-8910",
"datePublished": "2024-09-25T06:48:59.659Z",
"dateReserved": "2024-09-16T20:19:07.057Z",
"dateUpdated": "2026-04-08T16:34:34.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-8668 (GCVE-0-2024-8668)
Vulnerability from cvelistv5 – Published: 2024-09-25 04:30 – Updated: 2026-04-08 17:15
VLAI?
Title
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) <= 2.9.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting
Summary
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the tooltip and countdown functionality in all versions up to, and including, 2.9.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| devitemsllc | ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin |
Affected:
0 , ≤ 2.9.7
(semver)
|
Credits
Craig Smith
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8668",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T13:10:50.684126Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T13:26:39.097Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ShopLentor \u2013 All-in-One WooCommerce Growth \u0026 Store Enhancement Plugin",
"vendor": "devitemsllc",
"versions": [
{
"lessThanOrEqual": "2.9.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Craig Smith"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ShopLentor \u2013 WooCommerce Builder for Elementor \u0026 Gutenberg +12 Modules \u2013 All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the tooltip and countdown functionality in all versions up to, and including, 2.9.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:15:42.449Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/afe2b2e5-601f-4b6b-940a-b82f723b8776?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woolentor-addons/tags/2.9.7/assets/js/woolentor-widgets-active.js#L111"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3155859%40woolentor-addons\u0026new=3155859%40woolentor-addons\u0026sfp_email=\u0026sfph_mail="
},
{
"url": "https://plugins.trac.wordpress.org/browser/woolentor-addons/tags/2.9.7/assets/js/woolentor-widgets-active.js#L151"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-09-24T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "ShopLentor \u2013 WooCommerce Builder for Elementor \u0026 Gutenberg +12 Modules \u2013 All in One Solution (formerly WooLentor) \u003c= 2.9.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-8668",
"datePublished": "2024-09-25T04:30:27.952Z",
"dateReserved": "2024-09-10T17:16:38.452Z",
"dateUpdated": "2026-04-08T17:15:42.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-38706 (GCVE-0-2024-38706)
Vulnerability from cvelistv5 – Published: 2024-07-12 14:08 – Updated: 2026-04-01 15:34
VLAI?
Title
WordPress HT Mega plugin <= 2.5.7 - JSON Path Traversal vulnerability
Summary
Path Traversal: '.../...//' vulnerability in DevItems HT Mega ht-mega-for-elementor.This issue affects HT Mega: from n/a through <= 2.5.7.
Severity ?
No CVSS data available.
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
| URL | Tags | |
|---|---|---|
Date Public ?
2026-04-01 16:26
Credits
Rafie Muhammad | Patchstack Bug Bounty Program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38706",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-12T19:49:44.452616Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T20:28:14.726Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:19:19.434Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/ht-mega-for-elementor/wordpress-ht-mega-plugin-2-5-7-json-path-traversal-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "ht-mega-for-elementor",
"product": "HT Mega",
"vendor": "DevItems",
"versions": [
{
"changes": [
{
"at": "2.5.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.5.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rafie Muhammad | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:26:49.615Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in DevItems HT Mega ht-mega-for-elementor.\u003cp\u003eThis issue affects HT Mega: from n/a through \u003c= 2.5.7.\u003c/p\u003e"
}
],
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in DevItems HT Mega ht-mega-for-elementor.This issue affects HT Mega: from n/a through \u003c= 2.5.7."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T15:34:36.447Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/ht-mega-for-elementor/vulnerability/wordpress-ht-mega-plugin-2-5-7-json-path-traversal-vulnerability?_s_id=cve"
}
],
"title": "WordPress HT Mega plugin \u003c= 2.5.7 - JSON Path Traversal vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-38706",
"datePublished": "2024-07-12T14:08:50.645Z",
"dateReserved": "2024-06-19T11:16:10.229Z",
"dateUpdated": "2026-04-01T15:34:36.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-5215 (GCVE-0-2024-5215)
Vulnerability from cvelistv5 – Published: 2024-06-26 06:56 – Updated: 2026-04-08 17:04
VLAI?
Title
HT Mega – Absolute Addons For Elementor <= 2.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
Summary
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| devitemsllc | HT Mega Addons for Elementor – Elementor Widgets & Template Builder |
Affected:
0 , ≤ 2.5.5
(semver)
|
Credits
Matthew Rollings
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5215",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-06T03:09:25.004400Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-06T03:09:52.446Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:03:11.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86dfdc4f-1cc2-4b0d-b79c-bee3d6956eb4?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/ht-mega-for-elementor/trunk/includes/widgets/htmega_videoplayer.php#L520"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/ht-mega-for-elementor/trunk/includes/widgets/htmega_user_login_form.php#L1961"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/ht-mega-for-elementor/trunk/includes/widgets/htmega_user_register_form.php#L2910"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3106524/"
},
{
"tags": [
"x_transferred"
],
"url": "https://wordpress.org/plugins/ht-mega-for-elementor/#developers"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HT Mega Addons for Elementor \u2013 Elementor Widgets \u0026 Template Builder",
"vendor": "devitemsllc",
"versions": [
{
"lessThanOrEqual": "2.5.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthew Rollings"
}
],
"descriptions": [
{
"lang": "en",
"value": "The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:04:55.632Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86dfdc4f-1cc2-4b0d-b79c-bee3d6956eb4?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/ht-mega-for-elementor/trunk/includes/widgets/htmega_videoplayer.php#L520"
},
{
"url": "https://plugins.trac.wordpress.org/browser/ht-mega-for-elementor/trunk/includes/widgets/htmega_user_login_form.php#L1961"
},
{
"url": "https://plugins.trac.wordpress.org/browser/ht-mega-for-elementor/trunk/includes/widgets/htmega_user_register_form.php#L2910"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3106524/"
},
{
"url": "https://wordpress.org/plugins/ht-mega-for-elementor/#developers"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-06-25T18:16:09.000Z",
"value": "Disclosed"
}
],
"title": "HT Mega \u2013 Absolute Addons For Elementor \u003c= 2.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-5215",
"datePublished": "2024-06-26T06:56:03.593Z",
"dateReserved": "2024-05-22T18:07:18.156Z",
"dateUpdated": "2026-04-08T17:04:55.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}