CVE-2025-6686 | Magic Buttons for Elementor Plugin up to 1.0 on WordPress Shortcode magic-button cross site scripting

Inserito da Angelo Barbosa | Lug 1, 2025 | CVE

A vulnerability classified as problematic has been found in Magic Buttons for Elementor Plugin up to 1.0 on WordPress. Affected is the function magic-button of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-6686. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-6686 | Magic Buttons for Elementor Plugin up to 1.0 on WordPress Shortcode magic-button cross site scripting

Post correlati

CVE-2024-20709 | Adobe Acrobat Reader up to 120.0.2210.91 on Edge denial of service

CVE-2023-49001 | Indi Browser 12.11.23 com.example.gurry.kvbrowswer.webview code injection

CVE-2025-6379 | BeeTeam368 Extensions Pro Plugin up to 2.3.4 on WordPress handle_live_fn path traversal

CVE-2024-36931 | Linux Kernel up to 5.15.158/6.1.90/6.6.30/6.8.9 memdup_user_nul memory corruption