Reconnecting to live updates…

CVE-2025-69092: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in WPDeveloper Essential Addons for Elementor

Unknown

VulnerabilityCVE-2025-69092cve cve-2025-69092

Published: Tue Dec 30 2025 (12/30/2025, 10:47:58 UTC)

Source: CVE Database V5

Vendor/Project: WPDeveloper

Product: Essential Addons for Elementor

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows DOM-Based XSS.This issue affects Essential Addons for Elementor: from n/a through <= 6.5.3.

Technical Details

Data Version: 5.2
Assigner Short Name: Patchstack
Date Reserved: 2025-12-29T11:19:16.970Z
Cvss Version: null
State: PUBLISHED

Threat ID: 6953b0f571a94549f1bcc16f

Added to database: 12/30/2025, 11:01:09 AM

Last updated: 12/30/2025, 12:02:56 PM

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by

Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Related Threats

CVE-2024-35655: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Brave Brave Popup Builder

Medium

VulnerabilityTue Dec 30 2025

CVE-2025-15246: Deserialization in aizuda snail-job

Medium

VulnerabilityTue Dec 30 2025

CVE-2025-14509: CWE-94 Improper Control of Generation of Code ('Code Injection') in villatheme Lucky Wheel for WooCommerce – Spin a Sale

High

VulnerabilityTue Dec 30 2025

CVE-2025-15245: Path Traversal in D-Link DCS-850L

Medium

VulnerabilityTue Dec 30 2025

CVE-2025-69093: Missing Authorization in wpdesk ShopMagic

Unknown

VulnerabilityTue Dec 30 2025

Actions

Please log in to the Console to use AI analysis features.

External Links

NVD Database MITRE CVE Reference 1 Search on Google

Need more coverage?

Upgrade to Pro Console in Console -> Billing for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

CVE-2025-69092: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in WPDeveloper Essential Addons for Elementor

CVE-2025-69092: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in WPDeveloper Essential Addons for Elementor

Description

Technical Details

Community Reviews

Related Threats

CVE-2024-35655: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Brave Brave Popup Builder

CVE-2025-15246: Deserialization in aizuda snail-job

CVE-2025-14509: CWE-94 Improper Control of Generation of Code ('Code Injection') in villatheme Lucky Wheel for WooCommerce – Spin a Sale

CVE-2025-15245: Path Traversal in D-Link DCS-850L

CVE-2025-69093: Missing Authorization in wpdesk ShopMagic

Actions

External Links

Need more coverage?

Latest Threats

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility