cleantalk
Vulnerabilities and Security Researches

130+ Widgets | Best Addons For Elementor – FREE, CVE-2025-63044

CVE, Research URL

CVE-2025-63044

Home page URL

Security reports for 130+ Widgets | Best Addons For Elementor – FREE

Application

130+ Widgets | Best Addons For Elementor – FREE

Published on
Dec 09, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows DOM-Based XSS.This issue affects Xpro Elementor Addons: from n/a through <= 1.4.19.1.
Affected versions
max 1.4.19.1.
Status
vulnerable
Previous vulnerability researches
Advanced Flamingo (CVE-2023-52226) , Jun 07, 2024
New vulnerability
School Management System – WPSchoolPress (CVE-2025-11981) , Dec 11, 2025
Booking System for Your WordPress Appointments &#8211; Time Slot (CVE-2025-12842) , Dec 11, 2025
WooCommerce PDF Invoice Builder, Create invoices, packing slips and more (CVE-2025-64269) , Dec 11, 2025
WP Gravity Forms FreshDesk Plugin (CVE-2025-67587) , Dec 11, 2025
Everest Backup &#8211; WordPress Cloud Backup, Migration, Restore &amp; Cloning Plugin (CVE-2025-10304) , Dec 11, 2025