CVE-2025-22811

### 1. Vulnerability Description CVE-2025-22811 is a stored cross-site scripting (XSS) vulnerability in the MT Addons for Elementor WordPress plugin, affecting versions from n/a through 1.0.6. The root cause is improper neutralization of user-supplied input during web page generation, allowing malicious scripts to be permanently stored on the server and executed when other users view affected pages [1].

### 2. Exploitation Exploitation requires an authenticated attacker with at least contributor-level privileges to inject crafted payloads via plugin features like forms or content elements. While user interaction (such as clicking a link or visiting a crafted page) is needed for the attack to succeed against a victim, the stored nature means the payload can affect multiple visitors without further attacker action [1]. The vulnerability is considered medium severity (CVSS 6.5).

### 3. Impact If successfully exploited, an attacker can inject arbitrary JavaScript/HTML payloads, such as redirects, advertisements, or other malicious content. These scripts execute in the context of any visitor's browser when they access the compromised page, potentially leading to session hijacking, defacement, or phishing attacks [1].

### 4. Mitigation The vendor has released version 1.0.7 which addresses this vulnerability. Users are strongly advised to update immediately. For sites that cannot update, disabling the plugin or seeking assistance from a hosting provider or developer is recommended. Patchstack users can enable auto-updates for vulnerable plugins [1].