CVE-2025-24752 PoC — WordPress plugin Essential Addons for Elementor 跨站脚本漏洞

Source

https://github.com/bartfroklage/CVE-2025-24752-POC

Associated Vulnerability

Title:WordPress plugin Essential Addons for Elementor 跨站脚本漏洞 (CVE-2025-24752)
Description:WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin Essential Addons for Elementor 6.0.14及之前版本存在跨站脚本漏洞，该漏洞源于输入中和不当，可能导致反射型跨站脚本攻击。

Description

POC for CVE-2025-24752.

Readme

# CVE-2025-24752-POC

## Introduction

This python application checks whether a site is vulnerable to CVE-2025-24752.


## Install

Clone this repo and run:
```
pip3 install -r requirements.txt

```


## Usage

```
python3 cve-2025-24752.py --url http://example.com

```

or 

```
python3 cve-2025-24752.py --urls-file urls.txt

```

File Snapshot


 [4.0K]  /data/pocs/0c51cfdcc7960a4e70b5cf7c45f2e1aabd1b4134
├── [1.7K]  cve-2025-24752.py
├── [ 11K]  LICENSE
├── [ 334]  README.md
├── [  17]  requirements.txt
└── [  18]  urls.txt

0 directories, 5 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!