Wpbits Addons For Elementor Page Builder
Monthly
Stored cross-site scripting (XSS) in WPBITS Addons For Elementor Page Builder versions up to 1.8.1 allows authenticated attackers with low privileges to inject malicious scripts that execute in the context of other users' browsers. The vulnerability stems from improper input sanitization during web page generation, enabling an attacker to persistently compromise site content and steal session tokens or perform administrative actions on behalf of legitimate users. EPSS exploitation probability is very low at 0.03%, indicating limited real-world attack likelihood despite moderate CVSS severity.
Stored cross-site scripting (XSS) in WPBITS Addons For Elementor Page Builder versions up to 1.8.1 allows authenticated attackers with low privileges to inject malicious scripts that execute in the context of other users' browsers. The vulnerability stems from improper input sanitization during web page generation, enabling an attacker to persistently compromise site content and steal session tokens or perform administrative actions on behalf of legitimate users. EPSS exploitation probability is very low at 0.03%, indicating limited real-world attack likelihood despite moderate CVSS severity.