CVE-2025-6686
The WordPress plugin Magic Buttons for Elementor is affected by a stored cross-site scripting (XSS) flaw in the magic-button shortcode due to insufficient input sanitization and output escaping of user-supplied attributes. Affected versions include all up to 1.0; PT-Security notes versions prior ...