Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

devitemsllc — Vulnerabilities & Security Advisories 43

Browse all 43 CVE security advisories affecting devitemsllc. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Devitemsllc operates as a software development entity, primarily providing digital assets and components for web applications. Security audits reveal a concerning pattern of forty-three recorded Common Vulnerabilities and Exposures (CVEs), indicating systemic issues in their development lifecycle. The most prevalent vulnerability classes include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and SQL Injection, suggesting inadequate input validation and sanitization protocols. Additionally, instances of broken access control and privilege escalation highlight significant flaws in authentication and authorization mechanisms. These technical deficiencies pose substantial risks to downstream clients relying on devitemsllc’s integrated solutions. While no single catastrophic data breach has been publicly attributed solely to the company, the high volume of critical flaws necessitates rigorous third-party security assessments. Organizations utilizing these components must implement strict sandboxing and continuous monitoring to mitigate the inherent risks associated with the identified attack vectors.

Found 24 results / 43Clear Filters
Top products by devitemsllc: HT Mega Addons for Elementor – Elementor Widgets & Template Builder ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin HT Event – WordPress Event Manager Plugin for Elementor
CVE IDTitleCVSSSeverityPublished
CVE-2025-13141 HT Mega – Absolute Addons For Elementor <= 3.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Tag Attribute Injection — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2025-11-21
CVE-2025-8401 HT Mega – Absolute Addons For Elementor <= 2.9.1 - Authenticated (Author+) Sensitive Information Exposure — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-285 4.3 Medium2025-07-31
CVE-2025-8068 HT Mega – Absolute Addons For Elementor <= 2.9.1 - Improper Authorization to Authenticated (Contributor+) Limited Administrator Actions — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-863 4.3 Medium2025-07-31
CVE-2025-8151 HT Mega – Absolute Addons For Elementor <= 2.9.1 - Authenticated (Author+) Path Traversal to Limited Arbitrary CSS File Actions — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-22 4.3 Medium2025-07-31
CVE-2025-1802 HT Mega – Absolute Addons For Elementor <= 2.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2025-03-20
CVE-2025-1261 HT Mega – Absolute Addons For Elementor <= 2.8.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Countdown Widget — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2025-03-08
CVE-2024-12599 HT Mega – Absolute Addons For Elementor <= 2.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2025-02-11
CVE-2024-12597 HT Mega <= 2.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via block_css and inner_css — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2025-02-04
CVE-2024-8910 HT Mega – Absolute Addons For Elementor <= 2.6.5 - Authenticated (Contributor+) Sensitive Information Exposure via template_id — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-1230 4.3 Medium2024-09-25
CVE-2024-5215 HT Mega – Absolute Addons For Elementor <= 2.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2024-06-26
CVE-2024-5173 HT Mega – Absolute Addons For Elementor <= 2.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Player Widget Settings — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2024-06-26
CVE-2024-4876 HT Mega – Absolute Addons For Elementor <= 2.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2024-05-21
CVE-2024-4875 HT Mega – Absolute Addons For Elementor <= 2.5.2 - Missing Authorization to Options Update — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-862 4.3 Medium2024-05-21
CVE-2024-3990 HT Mega – Absolute Addons For Elementor <= 2.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Tooltip & Popover Widget — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2024-05-09
CVE-2024-3989 HT Mega – Absolute Addons For Elementor <= 2.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery Justify — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2024-05-09
CVE-2024-3307 HT Mega – Absolute Addons For Elementor <= 2.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2024-05-02
CVE-2024-2084 HT Mega – Absolute Addons For Elementor <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Lightbox Widget — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2024-05-02
CVE-2023-6214 HT Mega – Absolute Addons For Elementor <= 2.4.6 - Sensitive Information Exposure via purchased_products — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-200 7.5 High2024-05-02
CVE-2024-2790 HT Mega – Absolute Addons For Elementor <= 2.4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion/FAQ — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2024-05-02
CVE-2024-3308 HT Mega – Absolute Addons For Elementor <= 2.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Grid Widget — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2024-05-02
CVE-2024-2085 HT Mega – Absolute Addons For Elementor <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'size' — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2024-05-02
CVE-2024-1974 HT Mega – Absolute Addons For Elementor <= 2.4.5 - Authenticated (Contributor+) Directory Traversal — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-22 8.8 High2024-04-09
CVE-2024-1421 HT Mega – Absolute Addons For Elementor <= 2.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Carousel Widget — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2024-03-12
CVE-2024-1397 HT Mega <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via titleTag — HT Mega Addons for Elementor – Elementor Widgets & Template BuilderCWE-79 6.4 Medium2024-03-12

This page lists every published CVE security advisory associated with devitemsllc. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.