CVE-2025-8216
BaseFortify
Publication date: 2025-07-29
Last updated on: 2025-07-29
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wowdevs | sky_addons | 3.1.4 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-8216 is a Stored Cross-Site Scripting (XSS) vulnerability in the Sky Addons for Elementor WordPress plugin. It occurs because the plugin does not properly sanitize and escape user-supplied input in multiple widgets. This allows authenticated users with contributor-level access or higher to inject malicious scripts into pages. These scripts then execute whenever any user views the affected page, potentially compromising user data or site integrity.
How can this vulnerability impact me? :
This vulnerability can allow attackers with contributor-level access to inject malicious scripts into website pages. When other users visit these pages, the scripts execute in their browsers, potentially leading to theft of sensitive information, session hijacking, defacement, or further exploitation of the website. It undermines the security and trustworthiness of the affected WordPress site.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves identifying if the Sky Addons for Elementor plugin version 3.1.4 or earlier is installed on your WordPress site and checking for signs of stored cross-site scripting (XSS) attacks. You can check the plugin version via the WordPress admin dashboard or by running commands on the server such as: `wp plugin list | grep sky-elementor-addons` (using WP-CLI) to see the installed version. To detect exploitation attempts, monitor HTTP requests and responses for suspicious scripts injected in widget attributes. Additionally, scanning your WordPress database for suspicious script tags in posts or pages that use the affected widgets may help. However, no specific detection commands are provided in the resources. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update the Sky Addons for Elementor plugin to version 3.2.0 or later, where the vulnerability has been fixed. If updating is not immediately possible, restrict contributor-level access and above to trusted users only, as the vulnerability requires authenticated users with at least contributor privileges. Additionally, monitor and sanitize user inputs and consider disabling or limiting the use of vulnerable widgets until the update is applied. [1]