CVE Details
Basic Information
| Title | CVE-2025-48288 |
|---|---|
| Type | cve |
| Published | 2025-05-19T15:15:32 |
| Last Seen | 2025-05-19T15:18:34 |
CVSS Information
| Base Score | 6.5 (MEDIUM) |
|---|---|
| Attack Vector | NETWORK |
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | REQUIRED |
| Scope | CHANGED |
| Confidentiality Impact | LOW |
| Integrity Impact | LOW |
| Availability Impact | LOW |
AI Analysis
| AI Description | A stored XSS vulnerability in Element Invader Addons for Elementor allows attackers to inject malicious scripts, potentially affecting multiple users and administrators. This issue could lead to unauthorized actions and data theft. |
|---|---|
| AI Severity | High |
| Vendor | WordPress Community |
| Product | Element Invader Addons for Elementor |
| Affected Version | Unknown |
Additional Information
| CVE List | CVE-2025-48288 |
|---|---|
| CWE List | CWE-79 |
| Bulletin Family | cve |
Description
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Element Invader ElementInvader Addons for Elementor allows Stored XSS. This issue affects ElementInvader Addons for…
CVSS Score Summary
Base Score: %!f(string=#) (MEDIUM)