3 matches found
CVE-2025-8212 Medical Addon for Elementor <= 1.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typewriter Widget
The Medical Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Typewriter widget in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-8212
CVE-2025-8212 affects the WordPress plugin Medical Addon for Elementor. The issue is a Stored Cross-Site Scripting (XSS) in the Typewriter widget across all versions up to 1.6.3, caused by insufficient input sanitization and output escaping of user-supplied attributes. Exploitation requires authe...
WordPress Medical Addon for Elementor plugin <= 1.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typewriter Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Typewriter Widget vulnerability discovered by zer0gh0st in WordPress Plugin Medical Addon for Elementor versions = 1.6.3...