Name of the Vulnerable Software and Affected Versions:

HT Mega – Absolute Addons For Elementor plugin for WordPress versions prior to 2.9.2

Description:

The HT Mega – Absolute Addons For Elementor plugin for WordPress is susceptible to a path traversal issue. This allows authenticated attackers with Author-level access or higher to create and delete CSS files in any directory within a Windows environment through the `save block css` function.

Recommendations:

Update HT Mega – Absolute Addons For Elementor plugin for WordPress to version 2.9.2 or later.