cleantalk
Vulnerabilities and Security Researches

130+ Widgets | Best Addons For Elementor – FREE, CVE-2025-58195

CVE, Research URL

CVE-2025-58195

Home page URL

Security reports for 130+ Widgets | Best Addons For Elementor – FREE

Application

130+ Widgets | Best Addons For Elementor – FREE

Published on
Aug 27, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons allows Stored XSS. This issue affects Xpro Elementor Addons: from n/a through 1.4.17.
Affected versions
Min -, max 1.4.18.
Status
vulnerable
Previous vulnerability researches
RingCentral Communications Plugin – FREE (CVE-2024-53770) , Dec 06, 2024
RingCentral Communications Plugin – FREE (CVE-2025-7955) , Aug 28, 2025
New vulnerability
GiveWP – Donation Plugin and Fundraising Platform (CVE-2025-7221) , Aug 29, 2025
Add Code To Head (CVE-2025-48314) , Aug 29, 2025
130+ Widgets | Best Addons For Elementor – FREE (CVE-2025-58195) , Aug 29, 2025
WP Bulk Delete (CVE-2025-58192) , Aug 29, 2025
Responsive Mobile-Friendly Tooltip (CVE-2025-48316) , Aug 29, 2025