CVE-2025-24752

HIGH · EXPLOITED · NUCLEI

Essential Addons for Elementor <= 6.0.14 - Reflected Cross-Site Scripting

Title source: llm

Exploitation Summary

CVE-2025-24752 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 2 public exploits from researchers including Sachinart and bartfroklage. A Nuclei detection template is also available.

AI-analyzed exploit summary (Sachinart PoC): This repository contains a functional proof-of-concept for CVE-2025-24752, a reflected XSS vulnerability in Essential Addons for Elementor. The PoC uses Selenium to automate browser-based detection of the XSS by injecting a payload via the `popup-selector` parameter and confirming alert execution.

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor (essential-addons-for-elementor-lite) allows Reflected XSS. This issue affects Essential Addons for Elementor: from n/a through 6.0.14.

Exploits (2)

nomisec · WORKING POC · 6 stars
by Sachinart · client-side
https://github.com/Sachinart/essential-addons-for-elementor-xss-poc

Classification: Working PoC (95%)
Attack Type: XSS
Complexity: Moderate
Reliability: Reliable
Target: Essential Addons for Elementor < 6.0.15
Auth: none needed
Prerequisites: target URL with the vulnerable plugin installed · Selenium and Chrome WebDriver
Analysis: devstral-2 · analyzed Feb 16, 2026
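The PoC above confirms the bug by driving a real browser and waiting for an alert. A lighter check that a practitioner can run without Selenium is to send a unique canary in the `popup-selector` parameter and look at how it comes back: verbatim (output not encoded, reflected XSS likely), entity-encoded (output encoding in place), or not at all. The following is an added example written for this page, not the Sachinart repository's own code. Only the parameter name comes from the page; the page path on which the plugin reads it is not stated here, so the tester supplies the base URL, and the two response bodies are constructed samples rather than captures from a real site.

```python
import html
import secrets
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Parameter named in the PoC description on this page.
PARAM = "popup-selector"


def make_canary() -> str:
    """Build a unique, harmless probe value.

    It carries the characters a reflected-XSS payload relies on ('"', '<', '>')
    so that their survival in the response is the signal; the random suffix keeps
    the string from matching anything already present on the page.
    """
    return f'"><x{secrets.token_hex(4)}>'


def build_test_url(base_url: str, canary: str) -> str:
    """Append popup-selector=<canary> to a URL supplied by the tester.

    The page path on which the plugin reads this parameter is not stated on this
    page, so the caller provides it (assumption); existing query parameters are kept.
    """
    parts = urlsplit(base_url)
    query = parse_qsl(parts.query, keep_blank_values=True)
    query.append((PARAM, canary))
    return urlunsplit(parts._replace(query=urlencode(query)))


def classify_reflection(body: str, canary: str) -> str:
    """Decide how the canary came back in a response body.

    "unescaped": verbatim, including '"', '<' and '>'  -> reflected XSS is likely
    "escaped":   only an HTML-entity-encoded form appears -> output encoding in place
    "absent":    the parameter is not reflected at all
    """
    if canary in body:
        return "unescaped"
    # esc_attr()/esc_html()-style encoding: '"' -> &quot;, '<' -> &lt;, '>' -> &gt;
    if html.escape(canary, quote=True) in body or html.escape(canary, quote=False) in body:
        return "escaped"
    return "absent"


# Constructed sample responses (not captured from a real site); the attribute
# name is illustrative only.
CANARY = '"><xdeadbeef>'
VULNERABLE_BODY = f'<div data-selector="{CANARY}"></div>'
PATCHED_BODY = '<div data-selector="&quot;&gt;&lt;xdeadbeef&gt;"></div>'

if __name__ == "__main__":
    print(build_test_url("https://example.test/?p=1", make_canary()))
    for label, body in (("vulnerable", VULNERABLE_BODY), ("patched", PATCHED_BODY)):
        print(label, "->", classify_reflection(body, CANARY))
```

An "unescaped" result means the characters needed for a payload survive, which is the condition the Selenium PoC then proves by triggering an alert; "escaped" on a version below 6.0.15 is worth a second look (a WAF or a different template may be encoding the value) before calling the host clean.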
nomisec · SCANNER · 1 star
by bartfroklage · poc
https://github.com/bartfroklage/CVE-2025-24752-POC

This Python script checks whether a target website is vulnerable to CVE-2025-24752 by detecting the presence of a vulnerable version of the 'essential-addons-for-elementor-lite' plugin. It performs a version check via regex on the response text.

Classification: Scanner (90%)
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: essential-addons-for-elementor-lite < 6.0.15
Auth: none needed
Prerequisites: target must be running the vulnerable plugin · target must be accessible via HTTP
Analysis: devstral-2 · analyzed Feb 16, 2026
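The scanner above works by pulling a version string out of the response and comparing it to the fixed release. The added example below (written for this page, not bartfroklage's script) shows that approach, plus the pitfall such scripts commonly trip over: comparing versions as strings puts "6.0.9" after "6.0.15". Where the version appears is an assumption rather than something this page states: the `?ver=` query WordPress appends to an enqueued plugin asset when the plugin registers it with its own version, or the `Stable tag:` line of a web-readable readme.txt. The sample page is constructed.

```python
import re
from typing import Optional, Tuple

PLUGIN_SLUG = "essential-addons-for-elementor-lite"
FIXED = "6.0.15"  # first fixed release, per the version bounds on this page

# Where a version string may show up in responses (assumptions, not from this page):
#  - the ?ver= query WordPress appends to enqueued plugin assets when the plugin
#    registers them with its own version;
#  - the "Stable tag:" line of the plugin's readme.txt if it is web-readable.
ASSET_VER = re.compile(
    r"/wp-content/plugins/" + re.escape(PLUGIN_SLUG) + r"/[^\s'\x22]*?\?ver=(\d+(?:\.\d+)+)"
)
STABLE_TAG = re.compile(r"^Stable tag:\s*(\d+(?:\.\d+)+)", re.MULTILINE | re.IGNORECASE)


def parse_version(v: str) -> Tuple[int, ...]:
    """Turn '6.0.9' into (6, 0, 9) so comparison is numeric, not lexical."""
    return tuple(int(p) for p in v.split("."))


def extract_version(text: str) -> Optional[str]:
    """First version string found via either regex, or None."""
    m = ASSET_VER.search(text) or STABLE_TAG.search(text)
    return m.group(1) if m else None


def assess(text: str) -> dict:
    """Fingerprint one response body.

    'present'    the plugin's asset path is referenced (or a version was found)
    'version'    the version string, if any was found
    'vulnerable' True/False from a numeric compare against FIXED, None if unknown
    """
    version = extract_version(text)
    present = f"/wp-content/plugins/{PLUGIN_SLUG}/" in text or version is not None
    vulnerable = None if version is None else parse_version(version) < parse_version(FIXED)
    return {"present": present, "version": version, "vulnerable": vulnerable}


# Constructed sample page (not captured from a real site).
SAMPLE_PAGE = """<!doctype html><html><head>
<link rel='stylesheet' href='https://example.test/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=6.0.9' />
<script src='https://example.test/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=6.0.9'></script>
</head><body></body></html>"""

if __name__ == "__main__":
    print(assess(SAMPLE_PAGE))
    # The pitfall a plain string compare hides: '6.0.9' sorts after '6.0.15'.
    print("6.0.9" < "6.0.15", parse_version("6.0.9") < parse_version("6.0.15"))
```

Treat the result as a lead, not a verdict: a `?ver=` value can be stale behind a CDN or page cache, can belong to a different enqueue, and says nothing about a vendor or host that backported the fix. A reflection test such as the one the PoC performs is what confirms the host is actually exploitable.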

Nuclei Templates (1)

Essential Addons for Elementor < 6.0.15 - Cross-Site Scripting
MEDIUM · VERIFIED · by DhiyaneshDK
FOFA: body="/wp-content/plugins/essential-addons-for-elementor-lite"

Scores

CVSS v3: 7.1
EPSS: 0.0397 (3.97%)
EPSS Percentile: 88.7%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

CISA SSVC (Vulnrichment)

Exploitation: none
Automatable: no
Technical Impact: partial

Note that this CISA decision point records no known exploitation while the VulnCheck KEV entry on this page does; the two are independent sources and are not reconciled here.

Details

VulnCheck KEV: 2025-02-04
CWE: CWE-79
Status: published
Products (2):
WPDeveloper/Essential Addons for Elementor <= 6.0.14
wpdeveloper/essential_addons_for_elementor < 6.0.15
Published: Apr 17, 2025
Tracked Since: Feb 18, 2026