CVE-2025-9703 | Ultimate Addons for Elementor Plugin up to 2.4.x on WordPress SVG File xmlrpc.php cross site scripting

A vulnerability was found in Ultimate Addons for Elementor Plugin up to 2.4.x on WordPress. It has been classified as problematic. This affects an unknown part of the file xmlrpc.php of the component SVG File Handler. This manipulation causes cross site scripting.

This vulnerability is handled as CVE-2025-9703. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More