A critical security vulnerability in the Essential Addons for Elementor plugin (CVE-2025-24752) has put over two million WordPress websites at risk of cross-site scripting (XSS) attacks. The vulnerability discovered in the plugin’s handling of user inputs allowed attackers to inject malicious scripts through crafted URLs. Patched in version 6.0.15, this incident underscores the importance of […]
The post WordPress Plugin Vulnerability Exposes Millions of Websites to Script Injection Attacks appeared first on Cyber Security News.
This article has been indexed from Cyber Security News