cleantalk
Vulnerabilities and Security Researches

UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element, CVE-2025-32264

CVE, Research URL

CVE-2025-32264

Home page URL

Security reports for UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element

Application

UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element

Published on
Apr 04, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Saiful Islam UltraAddons Elementor Lite allows Cross Site Request Forgery. This issue affects UltraAddons Elementor Lite: from n/a through 2.0.0.
Affected versions
Min -, max 2.0.0.
Status
vulnerable
Previous vulnerability researches
UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element (CVE-2025-48131) , May 18, 2025
UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element (db4ed23e814e247654db61f48f5a3522297aeb2d) , Jun 07, 2024
UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element (CVE-2025-32264) , Apr 05, 2025
UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element (CVE-2024-49277) , Oct 20, 2024
UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element (CVE-2024-10696) , Nov 22, 2024
New vulnerability
Wise Chat (CVE-2024-13613) , May 18, 2025
WP Booking Calendar (CVE-2025-4669) , May 18, 2025
WooCommerce POS (CVE-2025-48117) , May 18, 2025
BERTHA AI. Your AI co-pilot for WordPress and Chrome (CVE-2025-48138) , May 18, 2025
SEO Flow by LupsOnline (CVE-2025-48146) , May 18, 2025