CVE-2025-6686 | Magic Buttons for Elementor Plugin up to 1.0 on WordPress Shortcode magic-button cross site scripting

Inserito da Angelo Barbosa | Lug 1, 2025 | CVE

A vulnerability classified as problematic has been found in Magic Buttons for Elementor Plugin up to 1.0 on WordPress. Affected is the function magic-button of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-6686. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-6686 | Magic Buttons for Elementor Plugin up to 1.0 on WordPress Shortcode magic-button cross site scripting

Post correlati

CVE-2024-9352 | Forminator Forms Plugin up to 1.35.1 on WordPress Draft Custom Forms cross-site request forgery

CVE-2025-0364 | BigAntSoft BigAnt Server up to 5.6.06 authentication bypass

CVE-2024-37211 | Ali2Woo Lite Plugin up to 3.3.5 on WordPress cross site scripting

CVE-2024-2943 | Campcodes Online Examination System 1.0 deleteExamExe.php id sql injection