Vulnerability Details CVE-2025-3813
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_elementor_data’ parameter in all versions up to, and including, 1.7.1020 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 9.7%
CVSS Severity
CVSS v3 Score 6.4
References
- https://plugins.trac.wordpress.org/browser/royal-elementor-addons/tags/1.7.1021/classes/modules/forms/wpr-submissions-cpt.php?rev=3301438
- https://plugins.trac.wordpress.org/browser/royal-elementor-addons/trunk/classes/modules/forms/wpr-submissions-cpt.php#L24
- https://plugins.trac.wordpress.org/browser/royal-elementor-addons/trunk/classes/modules/forms/wpr-submissions-cpt.php#L75
- https://www.wordfence.com/threat-intel/vulnerabilities/id/b957eb0d-882d-4646-ad84-9c64f957be14?source=cve
Products affected by CVE-2025-3813
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:-
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.0
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.2
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.2
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.21
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.22
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.23
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.25
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.26
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.27
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.28
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.29
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.30
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.32
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.33
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.34
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.36
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.37
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.38
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.39
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.40
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.42
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.43
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.44
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.45
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.46
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.47
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.48
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.49
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.50
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.51
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.56
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.58
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.59
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.60
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.61
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.62
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.63
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.64
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.65
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.66
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.67
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.68
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.69
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.70
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.71
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.75
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.76
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.77
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.78
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.79
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.80
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.81
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.82
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.83
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.84
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.85
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.86
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.87
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.88
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.89
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.90
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.91
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.92
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.93
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.94
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.95
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.96
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.97
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.971
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.972
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.973
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.974
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.975
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.976
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.977
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.978
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.979
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.980
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.981
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.982
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.983
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.984
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.985
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.986
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.987
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1001
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1002
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1003
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1004
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1005
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1006
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1007
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1008
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1009
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1010
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1012
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1013
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1014
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1016
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1017
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1018
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1019
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.7.1020