CVE-2025-11220 | Elementor Plugin up to 3.33.3 on WordPress Text Path Widget cross site scripting

Inserito da Angelo Barbosa | Dic 16, 2025 | CVE

A vulnerability categorized as problematic has been discovered in Elementor Plugin up to 3.33.3 on WordPress. The impacted element is an unknown function of the component Text Path Widget. Such manipulation leads to cross site scripting.

This vulnerability is documented as CVE-2025-11220. The attack can be executed remotely. There is not any exploit available.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

CVE-2025-11220 | Elementor Plugin up to 3.33.3 on WordPress Text Path Widget cross site scripting

Post correlati

CVE-2024-45744 | TopQuadrant TopBraid EDG 7.1.3 storing passwords in a recoverable format

CVE-2024-9764 | Tungsten Automation Power PDF PDF File Parser use after free (ZDI-24-1362)

CVE-2025-1957 | code-projects Blood Bank System 1.0 /BBfile/Blood/o+.php Bloodname cross site scripting

CVE-2024-10414 | PHPGurukul Vehicle Record System 1.0 /admin/edit-brand.php Brand Name cross site scripting