CVE-2025-9698

The Plus Addons for Elementor WordPress plugin before 6.3.16 does not sanitize SVG file contents, which could allow users with minimum role access as Author to perform Stored Cross-Site Scripting attacks...

WordPress The Plus Addons for Elementor plugin < 6.3.16 - Author+ Stored XSS vulnerability

Author+ Stored XSS vulnerability discovered by Tan Nguyen in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions 6.3.16...

PT-2025-41756

Name of the Vulnerable Software and Affected Versions Plus Addons for Elementor versions prior to 6.3.16 Description The Plus Addons for Elementor WordPress plugin does not properly sanitize SVG file contents. This could allow users with Author-level access or higher to execute Stored Cross-Site...

UIkarma 输入验证错误漏洞

karma is a simple tool that allows you to execute JavaScript code in multiple real browsers. karma versions prior to 6.3.16 have a security vulnerability that stems from a lack of validation of returned url query parameters, which could be exploited to perform redirect attacks...