CVE-2025-8200
Published
CVSS v3
6.4
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
The Mega Elements – Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown Timer widget in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
<p>Mega Elements is a powerful and advanced all in one Elementor addons that help you to create a beautiful website with ease. It offers many customizations and unique styling options to enhance the look and feel of every element on your website.</p>
<p>Build a sturdy and beautiful website with Mega Elements in less time without any coding skills.</p>
<p><a href="https://kraftplugins.com/mega-elements/widgets/" rel="nofollow ugc">Check the Demo</a>.</p>
<h3>23+ HIGHLY CUSTOMIZABLE WIDGETS</h3>
<ul>
<li><strong><em>Accordion</em></strong> – Add beautiful accordions in your posts and pages.</li>
<li><strong><em>Blockquotey</em></strong> – Add your favorite quote with unique styling.</li>
<li><strong><em>Blog</em></strong> – Display your articles anywhere on your site using advanced customization options.</li>
<li><strong><em>Button</em></strong> – Insert button and configure it as per your preference.</li>
<li><strong><em>Call to Action</em></strong> – Display Call to Action across your site to encourage your visitors to take an action.</li>
<li><strong><em>Category</em></strong> – Feature your blog post categories with the post count.</li>
<li><strong><em>Checklist</em></strong> – Easily create a checklist to share on your site.</li>
<li><strong><em>Client Logo</em></strong> – Showcase the website you have been featured on or clients you have worked with.</li>
<li><strong><em>Contact Form 7</em></strong> – Get full customization control of your contact form.</li>
<li><strong><em>Countdown</em></strong> – Display the countdown timer to grab your visitors’ attention.</li>
<li><strong><em>Counter</em></strong> – Showcase your important statistics or data.</li>
<li><strong><em>Dual Heading</em></strong> – Customize your headings with different color and fonts.</li>
<li><strong><em>BlossomThemes Email Newsletter</em></strong> – Seamlessly integrate the email newsletter to grow your subscribers.</li>
<li><strong><em>Feature List</em></strong> -Display a piece of information with an icon, title, and short description.</li>
<li><strong><em>Featured Page</em></strong> – Easily display your page with featured image and content with a beautiful design.</li>
<li><strong><em>Info Box Grid</em></strong> – List the different services that you offer to your customers.</li>
<li><strong><em>Team</em></strong> – Introduce your awesome team members elegantly.</li>
<li><strong><em>Team_Carousel</em></strong> – Display all your team members at once using different carousel layouts.</li>
<li><strong><em>Testimonial</em></strong> – Share what your clients are saying about you and your brand.</li>
<li><strong><em>Testimonial_Carousel</em></strong> – Choose from different layouts to display your clients testimonials.</li>
<li><strong><em>Pricing_Table</em></strong> – Easily add a pricing table on your site.</li>
<li><strong><em>Price_Menu</em></strong> – Make a beautiful pricing menu for your products.</li>
<li><strong><em>Tabs</em></strong> – Add tabs to elegantly display different information.</li>
</ul>
<h3>Images</h3>
WordPress Plugin Directory