Browse all 10 CVE security advisories affecting HT Plugins. AI-powered Chinese analysis, POCs, and references for each vulnerability.
HT Plugins develops WordPress extensions to enhance website functionality, with a history of security vulnerabilities including multiple remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws. Their plugins have accumulated 10 CVEs, often stemming from insufficient input validation and improper access controls. Notable incidents include a 2021 RCE vulnerability in a popular contact form plugin that allowed attackers to execute arbitrary code on affected servers. Security researchers have consistently identified similar patterns across their product line, underscoring persistent weaknesses in sanitization and authentication mechanisms. Despite patches, older versions remain vulnerable, posing ongoing risks to unpatched installations.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-53199 | WordPress HT Slider For Elementor plugin <= 1.6.5 - Cross Site Scripting (XSS) Vulnerability — HT Slider For ElementorCWE-79 | 6.5 | Medium | 2025-06-27 |
This page lists every published CVE security advisory associated with HT Plugins. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.