CVE-2025-2330 | All-in-One Addons for Elementor Plugin up to 2.5.4 on WordPress button+modal Widget cross site scripting

Inserito da Angelo Barbosa | Lug 2, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in All-in-One Addons for Elementor Plugin up to 2.5.4 on WordPress. This issue affects some unknown processing of the component button+modal Widget. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2025-2330. The attack may be initiated remotely. There is no exploit available.

CVE-2025-2330 | All-in-One Addons for Elementor Plugin up to 2.5.4 on WordPress button+modal Widget cross site scripting

Post correlati

CVE-2024-57875 | Linux Kernel up to 6.12.4 disk_zone_is_conv null pointer dereference

CVE-2024-3728 | wpdevteam Essential Addons for Elementor Plugin up to 5.9.15 on WordPress Filterable Gallery / Interactive Circle Widgets cross site scripting (ID 3075644)

CVE-2024-8792 | Subscribe to Comments Plugin up to 2.3 on WordPress cross site scripting

CVE-2024-31246 | WPXPO PostX Plugin up to 3.2.3 on WordPress authorization