Vulnerabilities in devitemsllc
44 resultsCVE-2024-2946MEDIUMShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) <= 2.8.4 - Authenticated (Contributor+) Stored Cross-site Scripting via QR Code WidgetEPSS 0.3%CVE-2023-7067MEDIUMShopLentor <= 2.8.1 - Improper Authorization via woolentor_template_storeEPSS 0.3%CVE-2024-3989MEDIUMHT Mega – Absolute Addons For Elementor <= 2.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery JustifyEPSS 0.3%CVE-2024-2790MEDIUMHT Mega – Absolute Addons For Elementor <= 2.4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion/FAQEPSS 0.3%CVE-2024-3307MEDIUMHT Mega – Absolute Addons For Elementor <= 2.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown WidgetEPSS 0.3%CVE-2024-1421MEDIUMHT Mega – Absolute Addons For Elementor <= 2.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Carousel WidgetEPSS 0.3%CVE-2024-2085MEDIUMHT Mega – Absolute Addons For Elementor <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'size'EPSS 0.3%CVE-2024-1057MEDIUMShopLentor – WooCommerce Builder for Elementor & Gutenberg +10 Modules – All in One Solution (formerly WooLentor) <= 2.8.1 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2024-2084MEDIUMHT Mega – Absolute Addons For Elementor <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Lightbox WidgetEPSS 0.3%CVE-2024-12599MEDIUMHT Mega – Absolute Addons For Elementor <= 2.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown WidgetEPSS 0.3%CVE-2025-8401MEDIUMHT Mega – Absolute Addons For Elementor <= 2.9.1 - Authenticated (Author+) Sensitive Information ExposureEPSS 0.3%CVE-2024-8910MEDIUMHT Mega – Absolute Addons For Elementor <= 2.6.5 - Authenticated (Contributor+) Sensitive Information Exposure via template_idEPSS 0.3%CVE-2026-4059MEDIUMShopLentor <= 3.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'button_text' Shortcode AttributeEPSS 0.3%CVE-2024-12597MEDIUMHT Mega <= 2.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via block_css and inner_cssEPSS 0.3%CVE-2024-13216MEDIUMHT Event – WordPress Event Manager Plugin for Elementor <= 1.4.7 - Authenticated (Contributor+) Sensitive Information Exposure via HT Event: SponsorEPSS 0.3%CVE-2025-8068MEDIUMHT Mega – Absolute Addons For Elementor <= 2.9.1 - Improper Authorization to Authenticated (Contributor+) Limited Administrator ActionsEPSS 0.3%CVE-2025-1802MEDIUMHT Mega – Absolute Addons For Elementor <= 2.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple WidgetsEPSS 0.3%CVE-2024-5173MEDIUMHT Mega – Absolute Addons For Elementor <= 2.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Player Widget SettingsEPSS 0.3%CVE-2025-3775MEDIUMShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) <= 3.1.2 - Unauthenticated Server-Side Request Forgery via URL ParameterEPSS 0.2%CVE-2025-1527MEDIUMShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) <= 3.1.0 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Flash Sale Countdown ModuleEPSS 0.2%