CVE-2025-12837 | aThemes Addons for Elementor Plugin up to 1.1.5 on WordPress Action Widget cross site scripting

Inserito da Angelo Barbosa | Nov 8, 2025 | CVE

A vulnerability marked as problematic has been reported in aThemes Addons for Elementor Plugin up to 1.1.5 on WordPress. Affected by this issue is some unknown functionality of the component Action Widget. Performing manipulation results in cross site scripting.

This vulnerability is cataloged as CVE-2025-12837. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-12837 | aThemes Addons for Elementor Plugin up to 1.1.5 on WordPress Action Widget cross site scripting

Post correlati

CVE-2024-29039 | tpm2-tools pcr Selection Value tpm2_checkquote.c comparison

CVE-2024-49361 | torinriley ACON up to 1.1.0 input validation (GHSA-345g-6rmp-3cv9)

CVE-2025-1956 | code-projects Shopping Portal 1.0 Login index.php password sql injection

CVE-2022-45176 | Livebox Collaboration vDesk up to 018 /api/v1/getbodyfile uri cross site scripting