CVE-2025-48288

ElementInvader Addons for Elementor (WordPress) is affected by CVE-2025-48288: Stored XSS caused by improper input neutralization during web page generation in versions up to 1.3.5. The issue enables stored cross-site scripting through the affected plugin and has a CVSS v3.1 base score of 6.5 (Me...

CVE-2025-48288 WordPress ElementInvader Addons for Elementor plugin <= 1.3.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows Stored XSS.This issue affects ElementInvader Addons for Elementor: from n/a through = 1.3.5...

CVE-2025-48288 WordPress ElementInvader Addons for Elementor plugin <= 1.3.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows Stored XSS.This issue affects ElementInvader Addons for Elementor: from n/a through = 1.3.5...

CVE-2025-48244 WordPress Exclusive Addons Elementor plugin <= 2.7.9 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tim Strifler Exclusive Addons Elementor exclusive-addons-for-elementor allows Stored XSS.This issue affects Exclusive Addons Elementor: from n/a through = 2.7.9...

CVE-2025-48244

CVE-2025-48244 concerns the WordPress plugin Exclusive Addons for Elementor. The vulnerability is a Stored XSS due to improper input neutralization in Exclusive Addons Elementor versions n/a–2.7.9. CVSSv3.1 base score 5.9 (Medium) with Network attack vector, high privileges required, user interac...

CVE-2025-48244 WordPress Exclusive Addons Elementor plugin <= 2.7.9 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tim Strifler Exclusive Addons Elementor exclusive-addons-for-elementor allows Stored XSS.This issue affects Exclusive Addons Elementor: from n/a through = 2.7.9...

CVE-2025-48232 WordPress Xpro Addons For Beaver Builder – Lite plugin <= 1.5.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Stored XSS.This issue affects Xpro Addons For Beaver Builder – Lite: from n/a through = 1.5.5...

CVE-2025-48232 WordPress Xpro Addons For Beaver Builder – Lite plugin <= 1.5.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Stored XSS.This issue affects Xpro Addons For Beaver Builder – Lite: from n/a through = 1.5.5...

CVE-2025-48232

CVE-2025-48232 describes a Stored XSS vulnerability in Xpro Addons For Beaver Builder – Lite. Connected sources specify that the issue affects Xpro Addons For Beaver Builder – Lite versions up to and including 1.5.5, caused by improper input neutralization during web page generation. The CVE is d...

WordPress plugin ElementInvader Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Exclusive Addons Elementor 跨站脚本漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress plugin...

WordPress plugin Xpro Addons For Beaver Builder Lite 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2025-21957 · Elementor · Exclusive Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Exclusive Addons Elementor versions n/a through 2.7.9 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means an attacker can...

PT-2025-21989 · Elementor · Elementinvader Addons For Elementor

Name of the Vulnerable Software and Affected Versions: ElementInvader Addons for Elementor versions 1.3.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an...

PT-2025-21946 · Unknown · Xpro Addons For Beaver Builder – Lite

Name of the Vulnerable Software and Affected Versions: Xpro Addons For Beaver Builder – Lite versions 1.5.5 and earlier Description: The issue affects the Xpro Addons For Beaver Builder – Lite, allowing Stored XSS due to improper neutralization of input during web page generation. Recommendations...

CVE-2025-48132

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pencilwp X Addons for Elementor x-addons-elementor allows Stored XSS.This issue affects X Addons for Elementor: from n/a through = 1.0.16...

ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +15719 more potentially affected by CVE-2025-22233 via org.springframework:spring-context (>=6.2.0 <=6.2.6)

org.springframework:spring-context MAVEN version =6.2.0, =0.1.0, =0.1.0, =0.114.0, =0.114.0, =0.114.0, =0.114.0, =0.5.0, =0.8.0, =0.9.0 - ai.astraform:remote-domain-author-kit-java =0.1.0 and more Source cves: CVE-2025-22233 Source advisory: OSV:GHSA-4WP7-92PW-Q264...

CVE-2025-48132

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pencilwp X Addons for Elementor x-addons-elementor allows Stored XSS.This issue affects X Addons for Elementor: from n/a through = 1.0.16...

CVE-2025-48132 WordPress X Addons for Elementor plugin <= 1.0.16 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pencilwp X Addons for Elementor x-addons-elementor allows Stored XSS.This issue affects X Addons for Elementor: from n/a through = 1.0.16...

CVE-2025-48132

CVE-2025-48132 affects X Addons for Elementor (WordPress plugin). The issue is a Stored XSS due to improper input neutralization during web page generation, affecting versions n/a through 1.0.14. Public sources (PT-2025-21730, Patchstack, CVE listings) identify the fix as upgrading beyond version...