The Plus Addons for Elementor, CVE-2025-9698

CVE, Research URL: CVE-2025-9698
Home page URL: Security reports for The Plus Addons for Elementor
Application: The Plus Addons for Elementor
Published on: Oct 13, 2025
Research Description: The Plus Addons for Elementor WordPress plugin before 6.3.16 does not sanitize SVG file contents, which could allow users with minimum role access as Author to perform Stored Cross-Site Scripting attacks.
Affected versions: max 6.3.16.
Status: vulnerable