CVE-2026-9243 | posimyththemes The Plus Addons for Elementor Plugin up to 6.4.15 on WordPress Carousel Anything Widget carousel_direction cross site scripting (EUVD-2026-33254)

A vulnerability classified as problematic was found in posimyththemes The Plus Addons for Elementor Plugin up to 6.4.15 on WordPress. Affected by this vulnerability is an unknown functionality of the component Carousel Anything Widget. Such manipulation of the argument carousel_direction leads to cross site scripting.

This vulnerability is documented as CVE-2026-9243. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More