cleantalk
Vulnerabilities and Security Researches

130+ Widgets | Best Addons For Elementor – FREE, CVE-2025-15369

CVE, Research URL

CVE-2025-15369

Home page URL

Security reports for 130+ Widgets | Best Addons For Elementor – FREE

Application

130+ Widgets | Best Addons For Elementor – FREE

Published on
May 20, 2026
Research Description
The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the get_content_editor function in all versions up to, and including, 1.5.0. This makes it possible for unauthenticated attackers to create published Xpro templates.
Affected versions
max 1.5.1.
Status
vulnerable
Previous vulnerability researches
WordPress Classifieds Plugin – Ad Directory & Listings by AWP Classifieds (CVE-2026-24593) , Jan 28, 2026
WordPress Classifieds Plugin – Ad Directory & Listings by AWP Classifieds (CVE-2026-5100) , May 06, 2026
WordPress Classifieds Plugin – Ad Directory & Listings by AWP Classifieds (CVE-2026-39533) , Apr 27, 2026
WordPress Classifieds Plugin – Ad Directory & Listings by AWP Classifieds (CVE-2012-4874) , Jun 07, 2024
WordPress Classifieds Plugin – Ad Directory & Listings by AWP Classifieds (CVE-2022-3254) , Jun 07, 2024
New vulnerability
BLOGCHAT Chat System (CVE-2026-8420) , May 23, 2026
TypeSquare Webfonts for ConoHa (CVE-2026-8610) , May 23, 2026
130+ Widgets | Best Addons For Elementor – FREE (CVE-2025-15369) , May 22, 2026
myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin (CVE-2026-42676) , May 22, 2026
Stripe Payment Plugin for WooCommerce (CVE-2026-45217) , May 22, 2026