Sploit.io - Search

Product: X Addons for Elementor, version: >= n/a, <= 1.0.14

CVE-2025-48132

Severity: MEDIUM

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pencilwp X Addons for Elementor allows Stored XSS. This issue affects X Addons for Elementor: from n/a through 1.0.14.

CVSS Score: 6.5

Affected Products:

pencilwp X Addons for Elementor - Versions: n/a

References:

https://patchstack.com/database/wordpress/plugin/x-addons-elementor/vulnerability/wordpress-x-addons-for-elementor-1-0-14-cross-site-scripting-xss-vulnerability?_s_id=cve