CVE-2025-9698
The Plus Addons for Elementor < 6.3.16 - Author+ Stored XSS
The Plus Addons for Elementor WordPress plugin before 6.3.16 does not sanitize SVG file contents, which could allow users with minimum role access as Author to perform Stored Cross-Site Scripting attacks.
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Produtos afetados
Unknown · The Plus Addons for ElementorQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →