exploitDog

CVE-2025-9698

Опубликовано: 13 окт. 2025

Источник: nvd

CVSS3: 6.8

EPSS Низкий

Описание

The Plus Addons for Elementor WordPress plugin before 6.3.16 does not sanitize SVG file contents, which could allow users with minimum role access as Author to perform Stored Cross-Site Scripting attacks.

Ссылки

https://wpscan.com/vulnerability/a9539def-d92b-4117-b36a-17015c578d89/

EPSS

Процентиль: 16%

0.00052

Низкий

6.8 Medium

CVSS3

Дефекты

Связанные уязвимости

GHSA-4h5m-4h63-c8cc

CVSS3: 6.8

github

4 месяца назад

The Plus Addons for Elementor WordPress plugin before 6.3.16 does not sanitize SVG file contents, which could allow users with minimum role access as Author to perform Stored Cross-Site Scripting attacks.

EPSS

Процентиль: 16%

0.00052

Низкий

6.8 Medium

CVSS3

Дефекты