Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Tue, 14 Oct 2025 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Mon, 13 Oct 2025 06:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The Plus Addons for Elementor WordPress plugin before 6.3.16 does not sanitize SVG file contents, which could allow users with minimum role access as Author to perform Stored Cross-Site Scripting attacks. | |
| Title | The Plus Addons for Elementor < 6.3.16 - Author+ Stored XSS | |
| References |
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: WPScan
Published:
Updated: 2025-10-14T20:25:25.025Z
Reserved: 2025-08-29T15:34:40.525Z
Link: CVE-2025-9698
No data.
Status : Deferred
Published: 2025-10-13T06:15:42.677
Modified: 2026-06-17T10:09:33.490
Link: CVE-2025-9698
No data.
OpenCVE Enrichment
No data.
No weakness.