CVE-2025-6686 | Magic Buttons for Elementor Plugin up to 1.0 on WordPress Shortcode magic-button cross site scripting

A vulnerability classified as problematic has been found in Magic Buttons for Elementor Plugin up to 1.0 on WordPress. Affected is the function magic-button of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-6686. It is possible to launch the attack remotely. There is no exploit available.VulDB Recent EntriesRead More