CVE-2025-3075 | Elementor Plugin up to 3.29.0 on WordPress Shortcode elementor-element cross site scripting

Inserito da Angelo Barbosa | Lug 28, 2025 | CVE

A vulnerability was found in Elementor Plugin up to 3.29.0 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function elementor-element of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2025-3075. The attack can be launched remotely. There is no exploit available.

CVE-2025-3075 | Elementor Plugin up to 3.29.0 on WordPress Shortcode elementor-element cross site scripting

Post correlati

CVE-2024-22453 | Dell PowerEdge Platform prior 1.19.0/2.14.0/2.19.0 BIOS heap-based overflow (dsa-2024-105)

CVE-2023-38519 | MainWP Dashboard Plugin up to 4.4.3.3 on WordPress sql injection

CVE-2024-47150 | Honor Magic OS up to 8.0.0.64 information disclosure

CVE-2024-28835 | GnuTLS up to 3.8.3 PEM Bundle Verification uncaught exception