CVE-2025-3614
CVE-2025-3614 relates to the ElementsKit Elementor Addons and Templates plugin for WordPress (versions up to 3.5.2). The vulnerability is a Stored Cross-Site Scripting (XSS) via the URL attribute of a custom widget, caused by insufficient input sanitization and output escaping. It is exploitable ...