CVE-2025-14163
Severity: MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Description
The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.11.53. This is due to missing nonce validation in the 'insert_inner_template' function. This makes it possible for unauthenticated attackers to create arbitrary Elementor templates via a forged request, provided they can trick a site administrator or other user with the edit_posts capability into performing an action such as clicking on a link.
Analysis
Cross-Site Request Forgery in Premium Addons for Elementor plugin versions up to 4.11.53 allows unauthenticated remote attackers to create arbitrary Elementor templates by exploiting missing nonce validation in the 'insert_inner_template' function. An attacker must trick a site administrator or user with edit_posts capability into clicking a malicious link, but no public exploit code has been identified. The EPSS score of 0.02% indicates this vulnerability has very low exploitation probability in practice despite the CVSS 4.3 rating.
Technical Context
The Premium Addons for Elementor plugin (CPE: cpe:2.3:a:leap13:premium_addons_for_elementor:*:*:*:*:*:wordpress:*:*) is a WordPress plugin that extends the Elementor page builder with additional template functionality. The vulnerability is classified as CWE-352 (Cross-Site Request Forgery), which occurs when the plugin's template manager fails to implement nonce (number used once) validation in the 'insert_inner_template' function located in the manager.php file. Nonce validation is a WordPress security mechanism that ensures state-changing requests originate from legitimate, authenticated sessions. Without this protection, an attacker can craft a malicious request that, when visited by an authorized user, performs unintended actions on their behalf.
Affected Products
Premium Addons for Elementor plugin for WordPress in all versions up to and including 4.11.53 is affected. The plugin is distributed through the WordPress plugin repository and identified by CPE cpe:2.3:a:leap13:premium_addons_for_elementor:*:*:*:*:*:wordpress:*:*. WordPress installations with this plugin active and users possessing edit_posts capabilities are at risk.
Remediation
Update Premium Addons for Elementor to version 4.11.54 or later, which includes vendor-released patches that implement proper nonce validation in the 'insert_inner_template' function. The patch is available via the WordPress plugin repository and can be applied through the WordPress admin dashboard's automatic update mechanism or manual plugin upload. Site administrators should verify the plugin update via the changeset referenced at https://plugins.trac.wordpress.org/changeset/3416254/. Additional security information is available from Wordfence at https://www.wordfence.com/threat-intel/vulnerabilities/id/77b57f2a-0b46-4b4a-bdca-1c5218d739ce and CleanTalk research at https://research.cleantalk.org/cve-2025-14163/.
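The following is an added illustration of the CWE-352 pattern described under Technical Context and the nonce-validation fix described under Remediation; it is not code from Premium Addons for Elementor. The function names, the 'example_*' AJAX actions and the 'example-admin' script handle are assumed, and 'elementor_library' is Elementor's template post type.

```php
<?php
// Added illustration, not code from Premium Addons for Elementor.
// Function names, the 'example_*' AJAX actions and the 'example-admin'
// script handle are assumed; 'elementor_library' is Elementor's template post type.

function example_store_template() {
    // Shared state-changing step: create a template from request fields.
    $title   = sanitize_text_field( wp_unslash( $_POST['title'] ?? '' ) );
    $content = wp_kses_post( wp_unslash( $_POST['content'] ?? '' ) );
    return wp_insert_post( array(
        'post_type'    => 'elementor_library',
        'post_title'   => $title,
        'post_content' => $content,
        'post_status'  => 'publish',
    ) );
}

// Vulnerable pattern (CWE-352): the handler trusts any request that arrives
// with the logged-in user's session cookies, so a request originating from
// another site and sent by that user's browser reaches wp_insert_post().
add_action( 'wp_ajax_example_insert_template', 'example_insert_template_vulnerable' );
function example_insert_template_vulnerable() {
    wp_send_json_success( array( 'id' => example_store_template() ) );
}

// Hardened pattern: require a nonce bound to this action, then a capability.
// check_ajax_referer() runs wp_verify_nonce() on $_REQUEST['nonce'] and
// terminates the request with -1 and HTTP 403 when it is missing, expired or forged.
add_action( 'wp_ajax_example_insert_template_safe', 'example_insert_template_safe' );
function example_insert_template_safe() {
    check_ajax_referer( 'example_insert_template', 'nonce' );
    if ( ! current_user_can( 'edit_posts' ) ) {
        wp_send_json_error( 'insufficient_permissions', 403 );
    }
    wp_send_json_success( array( 'id' => example_store_template() ) );
}

// The nonce is minted server-side and handed to the plugin's own admin
// script; a page on another origin cannot read it, so a cross-site request
// cannot carry a value that passes check_ajax_referer().
add_action( 'admin_enqueue_scripts', function () {
    wp_localize_script( 'example-admin', 'exampleAjax', array(
        'url'   => admin_url( 'admin-ajax.php' ),
        'nonce' => wp_create_nonce( 'example_insert_template' ),
    ) );
} );
```

The capability check alone does not prevent CSRF, since the victim already holds edit_posts; the nonce is what ties the request to a page the legitimate user actually loaded.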