CVE-2025-30812 identifies a stored cross-site scripting (XSS) vulnerability in the SKT Addons for Elementor plugin, a popular WordPress extension developed by sonalsinha21. The vulnerability stems from improper neutralization of user-supplied input during the generation of web pages, allowing malicious scripts to be injected and stored persistently within the affected website's content. When other users or administrators access the compromised pages, the malicious scripts execute in their browsers under the context of the vulnerable site, potentially leading to session hijacking, credential theft, unauthorized actions, or malware distribution. The flaw affects all versions up to and including 3.5, with no patch currently available as per the provided data. Exploitation requires no authentication or special user interaction beyond visiting the infected page, increasing the attack surface. Although no known exploits are reported in the wild, the vulnerability represents a significant risk due to the widespread use of Elementor and its addons in WordPress sites globally. The lack of a CVSS score necessitates an independent severity assessment based on the vulnerability's characteristics.

The stored XSS vulnerability in SKT Addons for Elementor can have severe consequences for organizations running affected WordPress sites. Attackers can inject malicious scripts that execute in the browsers of site visitors or administrators, leading to theft of sensitive information such as cookies, session tokens, or personal data. This can facilitate account takeover, unauthorized access, or further compromise of the website and its users. Additionally, attackers may deface websites, damage brand reputation, or use the site as a vector to distribute malware to visitors. The vulnerability undermines the confidentiality and integrity of web applications and can indirectly impact availability if attackers leverage it to conduct further attacks or cause disruptions. Given the plugin's popularity, a large number of websites worldwide could be affected, increasing the potential scale and impact of exploitation.

Organizations should immediately audit their WordPress installations to identify the presence of SKT Addons for Elementor plugin versions up to 3.5. Until an official patch is released, administrators should consider disabling or uninstalling the plugin to eliminate the attack vector. Implementing a Web Application Firewall (WAF) with rules to detect and block common XSS payloads can provide temporary protection. Additionally, site owners should enforce strict Content Security Policy (CSP) headers to restrict script execution origins and reduce the impact of injected scripts. Regularly scanning websites for malicious content and monitoring logs for suspicious activity can help detect exploitation attempts. Educating site administrators and users about the risks of XSS and maintaining up-to-date backups will aid in recovery if compromise occurs. Once a patch is available, prompt application is critical to fully remediate the vulnerability.