cleantalk
Vulnerabilities and Security Researches

HT Mega – Absolute Addons For Elementor, CVE-2021-24261

CVE, Research URL

CVE-2021-24261

Home page URL

Security reports for HT Mega – Absolute Addons For Elementor

Application

HT Mega – Absolute Addons For Elementor

Published on
May 06, 2021
Research Description
The “HT Mega – Absolute Addons for Elementor Page Builder” WordPress Plugin before 1.5.7 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
Affected versions
Min -, max 1.5.7.
Status
vulnerable
Previous vulnerability researches
HT Mega – Absolute Addons For Elementor (CVE-2025-1261) , Mar 09, 2025
HT Mega – Absolute Addons For Elementor (CVE-2024-8910) , Sep 26, 2024
HT Mega – Absolute Addons For Elementor (CVE-2024-12597) , Feb 04, 2025
HT Mega – Absolute Addons For Elementor (CVE-2024-38706) , Jul 14, 2024
HT Mega – Absolute Addons For Elementor (CVE-2021-24261) , Jun 07, 2024
New vulnerability
GiveWP – Donation Plugin and Fundraising Platform (CVE-2025-7205) , Aug 02, 2025
Elementor Header & Footer Builder (CVE-2025-8488) , Aug 02, 2025
Ocean Social Sharing (CVE-2025-7500) , Aug 02, 2025
Stratum – Elementor Widgets (CVE-2025-7845) , Aug 02, 2025
BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security (CVE-2025-6722) , Aug 02, 2025