{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-14163", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-12-05T21:07:02.189Z", "datePublished": "2025-12-23T09:20:01.059Z", "dateUpdated": "2026-04-08T17:01:45.736Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:01:45.736Z"}, "affected": [{"vendor": "leap13", "product": "Premium Addons for Elementor \u2013 Powerful Elementor Templates & Widgets", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "4.11.53", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.11.53. This is due to missing nonce validation in the 'insert_inner_template' function. This makes it possible for unauthenticated attackers to create arbitrary Elementor templates via a forged request granted they can trick a site administrator or other user with the edit_posts capability into performing an action such as clicking on a link."}], "title": "Premium Addons for Elementor <= 4.11.53 - Cross-Site Request Forgery via 'insert_inner_template'", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/77b57f2a-0b46-4b4a-bdca-1c5218d739ce?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/tags/4.11.53/includes/templates/classes/manager.php#L246"}, {"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/tags/4.11.53/includes/templates/classes/manager.php#L40"}, {"url": "https://plugins.trac.wordpress.org/changeset/3416254/"}, {"url": "https://research.cleantalk.org/cve-2025-14163/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "cweId": "CWE-352", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Dmitrii Ignatyev"}], "timeline": [{"time": "2025-12-22T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-23T15:26:58.110622Z", "id": "CVE-2025-14163", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-23T15:27:05.274Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-14163", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-23T15:26:58.110622Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-23T15:27:01.403Z"}}], "cna": {"title": "Premium Addons for Elementor <= 4.11.53 - Cross-Site Request Forgery via 'insert_inner_template'", "credits": [{"lang": "en", "type": "finder", "value": "Dmitrii Ignatyev"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "leap13", "product": "Premium Addons for Elementor \u2013 Powerful Elementor Templates & Widgets", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "4.11.53"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-12-22T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/77b57f2a-0b46-4b4a-bdca-1c5218d739ce?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/tags/4.11.53/includes/templates/classes/manager.php#L246"}, {"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/tags/4.11.53/includes/templates/classes/manager.php#L40"}, {"url": "https://plugins.trac.wordpress.org/changeset/3416254/"}, {"url": "https://research.cleantalk.org/cve-2025-14163/"}], "descriptions": [{"lang": "en", "value": "The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.11.53. This is due to missing nonce validation in the 'insert_inner_template' function. This makes it possible for unauthenticated attackers to create arbitrary Elementor templates via a forged request granted they can trick a site administrator or other user with the edit_posts capability into performing an action such as clicking on a link."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:01:45.736Z"}}}, "cveMetadata": {"cveId": "CVE-2025-14163", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:01:45.736Z", "dateReserved": "2025-12-05T21:07:02.189Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-12-23T09:20:01.059Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:leap13:premium_addons_for_elementor:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "64CFC13B-0B7D-4AAA-946C-74E74ED44158", "versionEndExcluding": "4.11.54", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.11.53. This is due to missing nonce validation in the 'insert_inner_template' function. This makes it possible for unauthenticated attackers to create arbitrary Elementor templates via a forged request granted they can trick a site administrator or other user with the edit_posts capability into performing an action such as clicking on a link."}], "id": "CVE-2025-14163", "lastModified": "2026-04-08T18:24:08.443", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-12-23T10:15:43.497", "references": [{"source": "security@wordfence.com", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/tags/4.11.53/includes/templates/classes/manager.php#L246"}, {"source": "security@wordfence.com", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/tags/4.11.53/includes/templates/classes/manager.php#L40"}, {"source": "security@wordfence.com", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/3416254/"}, {"source": "security@wordfence.com", "url": "https://research.cleantalk.org/cve-2025-14163/"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/77b57f2a-0b46-4b4a-bdca-1c5218d739ce?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T16:55:07.056971+00:00", "value": {"mitigation_remediation": ["Upgrade Premium Addons for Elementor to a version newer than 4.11.53 to remove the missing nonce check.", "Restrict the edit_posts capability to trusted administrators and verify that users are not tricked into clicking malicious links.", "If an immediate upgrade is not feasible, temporarily disable the plugin or block the insert_inner_template endpoint using a web\u2011application firewall or by modifying the .htaccess rules."], "summary": {"action": "Apply Patch", "impact": "Cross\u2011Site Request Forgery enabling unauthorized creation of Elementor templates"}, "threat_synthesis": {"affected_systems": "Affected product is the leap13 Premium Addons for Elementor plugin for WordPress. All releases through version 4.11.53 are vulnerable. The plugin is commonly used with Elementor on WordPress sites and is distributed via the WordPress plugin repository.", "description_and_impact": "The Premium Addons for Elementor plugin for WordPress, up to version 4.11.53, suffers from a Cross\u2011Site Request Forgery (CWE\u2011352) due to missing nonce validation in the 'insert_inner_template' function. An unauthenticated attacker who can persuade an administrator or a user with edit_posts capability to follow a crafted link can have the site create arbitrary Elementor templates. These templates may embed malicious content or scripts, potentially leading to site defacement or a vector for further code execution when the templates are activated.", "risk_and_exploitability": "The CVSS score of 4.3 marks this vulnerability as moderate. An EPSS score of less than 1% indicates a low likelihood of exploitation, and the vulnerability is not listed in the CISA KEV catalog. The attack requires an attacker to supply a forged request to the plugin's insert_inner_template endpoint and compel a user with edit capability to click the link. Because nonce checks are omitted, the action is executed automatically, making the exploit simple once the social engineering precondition is satisfied."}}}}, "created": "2025-12-23T22:39:42.783689+00:00", "updated": "2026-04-21T17:00:12.324716+00:00", "vendors": ["leap13", "leap13$PRODUCT$premium_addons_for_elementor", "wordpress", "wordpress$PRODUCT$wordpress"]}