cleantalk
Vulnerabilities and Security Researches

130+ Widgets | Best Addons For Elementor – FREE, CVE-2025-32163

CVE, Research URL

CVE-2025-32163

Home page URL

Security reports for 130+ Widgets | Best Addons For Elementor – FREE

Application

130+ Widgets | Best Addons For Elementor – FREE

Published on
Apr 04, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons allows Stored XSS. This issue affects Xpro Elementor Addons: from n/a through 1.4.9.
Affected versions
Min -, max 1.4.9.
Status
vulnerable
Previous vulnerability researches
WP Cassify (CVE-2025-30771) , Mar 28, 2025
New vulnerability
Website Logo (CVE-2025-32258) , Apr 06, 2025
TableOn – WordPress Posts Table Filterable  (CVE-2025-32218) , Apr 06, 2025
WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms (CVE-2025-32269) , Apr 06, 2025
Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery (CVE-2025-32176) , Apr 06, 2025
Pay with Contact Form 7 (CVE-2025-32126) , Apr 06, 2025