CVE-2025-9698
The Plus Addons for Elementor < 6.3.16 - Author+ Stored XSS
The Plus Addons for Elementor WordPress plugin before 6.3.16 does not sanitize SVG file contents, which could allow users with minimum role access as Author to perform Stored Cross-Site Scripting attacks.
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Productos afectados
Unknown · The Plus Addons for Elementor¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →