cleantalk
Vulnerabilities and Security Researches

UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element, CVE-2025-32264

CVE, Research URL

CVE-2025-32264

Home page URL

Security reports for UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element

Application

UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element

Published on
Apr 04, 2025
Research Description
UltraAddons &#8211; Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode) [ultraaddons-elementor-lite] <= 2.0.0 (unfixed) CVE-2025-32264 [en] Cross-Site Request Forgery (CSRF) vulnerability in Saiful Islam UltraAddons Elementor Lite allows Cross Site Request Forgery. This issue affects UltraAddons Elementor Lite: from n/a through 2.0.0.
Affected versions
Min -, max 2.0.0.
Status
vulnerable
Previous vulnerability researches
Apptivo Business Site CRM (CVE-2025-31909) , Apr 05, 2025
Apptivo Business Site CRM (CVE-2022-44582) , Jun 07, 2024
Apptivo Business Site CRM (CVE-2024-13405) , Feb 20, 2025
New vulnerability
Simple WP Events (CVE-2025-32193) , Apr 06, 2025
Post to Social Media &#8211; WordPress to Hootsuite (CVE-2025-32267) , Apr 06, 2025
Easy WP Optimizer &#8211; Optimize DB &amp; WordPress (CVE-2025-32147) , Apr 06, 2025
Embed Chessboard (CVE-2025-32177) , Apr 06, 2025
teachPress (CVE-2025-32149) , Apr 06, 2025