All 3 CVE vulnerabilities found in King Addons for Elementor – 80+ Elementor Widgets, 4 000+ Elementor Templates, WooCommerce, Mega Menu, Popup Builder, with AI-generated Chinese analysis, references, and POCs.
Vendor: kingaddons
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13535 | King Addons for Elementor <= 51.1.38 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Multiple Widgets CWE-79 | 6.4 | Medium | 2026-04-01 |
| CVE-2025-13997 | King Addons for Elementor <= 51.1.49 - Unauthenticated API Keys Disclosure CWE-200 | 5.3 | Medium | 2026-03-23 |
| CVE-2025-7960 | King Addons for Elementor <= 51.1.39 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets CWE-79 | 6.4 | Medium | 2025-12-13 |
All 3 known CVE vulnerabilities affecting King Addons for Elementor – 80+ Elementor Widgets, 4 000+ Elementor Templates, WooCommerce, Mega Menu, Popup Builder with full Chinese analysis, references, and POCs where available.