Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

devitemsllc — Vulnerabilities & Security Advisories 43

Browse all 43 CVE security advisories affecting devitemsllc. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Devitemsllc operates as a software development entity, primarily providing digital assets and components for web applications. Security audits reveal a concerning pattern of forty-three recorded Common Vulnerabilities and Exposures (CVEs), indicating systemic issues in their development lifecycle. The most prevalent vulnerability classes include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and SQL Injection, suggesting inadequate input validation and sanitization protocols. Additionally, instances of broken access control and privilege escalation highlight significant flaws in authentication and authorization mechanisms. These technical deficiencies pose substantial risks to downstream clients relying on devitemsllc’s integrated solutions. While no single catastrophic data breach has been publicly attributed solely to the company, the high volume of critical flaws necessitates rigorous third-party security assessments. Organizations utilizing these components must implement strict sandboxing and continuous monitoring to mitigate the inherent risks associated with the identified attack vectors.

Top products by devitemsllc: HT Mega Addons for Elementor – Elementor Widgets & Template Builder ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin HT Event – WordPress Event Manager Plugin for Elementor
CVE IDTitleCVSSSeverityPublished
CVE-2023-7067 ShopLentor <= 2.8.1 - Improper Authorization via woolentor_template_store — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-862 4.3 Medium2024-05-02
CVE-2024-3991 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) <= 2.8.7 - Authenticated (contributor+) Stored Cross-Site Scripting via _id — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-79 6.4 Medium2024-05-02
CVE-2024-2790 HT Mega – Absolute Addons For Elementor <= 2.4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion/FAQ — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2024-05-02
CVE-2023-6214 HT Mega – Absolute Addons For Elementor <= 2.4.6 - Sensitive Information Exposure via purchased_products — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-200 7.5 High2024-05-02
CVE-2024-3308 HT Mega – Absolute Addons For Elementor <= 2.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Grid Widget — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2024-05-02
CVE-2024-2085 HT Mega – Absolute Addons For Elementor <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'size' — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2024-05-02
CVE-2024-1057 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +10 Modules – All in One Solution (formerly WooLentor) <= 2.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-79 6.4 Medium2024-04-20
CVE-2024-2946 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) <= 2.8.4 - Authenticated (Contributor+) Stored Cross-site Scripting via QR Code Widget — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-79 6.4 Medium2024-04-09
CVE-2024-1960 ShopLentor <= 2.8.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via Banner Link — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-79 6.4 Medium2024-04-09
CVE-2024-1974 HT Mega – Absolute Addons For Elementor <= 2.4.5 - Authenticated (Contributor+) Directory Traversal — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-22 8.8 High2024-04-09
CVE-2024-2868 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) <= 2.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via WL Universal Product Layout — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-79 6.4 Medium2024-04-04
CVE-2024-1421 HT Mega – Absolute Addons For Elementor <= 2.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Carousel Widget — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2024-03-12
CVE-2024-1397 HT Mega <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via titleTag — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2024-03-12

This page lists every published CVE security advisory associated with devitemsllc. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.