4 matches found
WordPress Themesflat Addons For Elementor plugin <= 2.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin themesflat-addons-for-elementor versions = 2.2.5...
CVE-2025-3275
creationtimestamp| type| source ---|---|--- 2025-04-19 03:59:47+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12562 2025-04-19 06:39:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ln5jm52jrh2l 2025-04-19 06:47:27+00:00| seen| https://t.me/cvedetector/23357 2025-04-19...
CVE-2025-3275 Themesflat Addons For Elementor <= 2.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the TF E Slider widget in all versions up to, and including, 2.2.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-3275 Themesflat Addons For Elementor <= 2.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the TF E Slider widget in all versions up to, and including, 2.2.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...