A vulnerability was found in Magic Buttons for Elementor Plugin up to 1.0 on WordPress. It has been rated as problematic. This issue affects the function magic-button of the component Shortcode Handler. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2025-6687. The attack may be initiated remotely. There is no exploit available.