CVE-2025-63026
BaseFortify
Publication date: 2026-01-22
Last updated on: 2026-04-27
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| themegoods | grand_restaurant_theme_elements_for_elementor | From 2.1.1|end_including=2.1.1 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-63026 is a Stored Cross Site Scripting (XSS) vulnerability in the WordPress Grand Restaurant Theme Elements for Elementor Plugin versions up to 2.1.1. It allows an attacker to inject malicious scripts into web pages generated by the plugin. Exploitation requires a privileged user (Contributor or Developer) to interact with a crafted malicious input, such as clicking a link or submitting a form. Once exploited, the malicious scripts execute when site visitors access the compromised pages. [1]
How can this vulnerability impact me? :
This vulnerability can lead to attackers injecting malicious scripts that execute in the browsers of site visitors. This can result in unwanted redirects, display of advertisements, or other harmful HTML payloads. However, exploitation requires a privileged user to interact with malicious content, limiting the risk. The overall severity is moderate with a CVSS score of 6.5, and no official fix is currently available. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection involves monitoring for unusual script injections or unexpected HTML payloads in the Grand Restaurant Theme Elements for Elementor plugin, especially from users with Contributor or Developer privileges. Since exploitation requires user interaction, reviewing logs for suspicious user actions such as clicking unknown links or submitting unexpected forms can help. Specific commands are not provided in the resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting privileged user roles (Contributor or Developer) from interacting with untrusted content, educating users about the risks of clicking unknown links or submitting forms, and monitoring for suspicious activity. Since no official fix or patch is currently available, applying strict input validation and limiting user privileges are recommended. [1]