CVE Catalog
CVE-2026-48870
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk0.21%
11th percentile - higher than 11% of all known CVEs
Summary
The King Addons plugin for Elementor versions up to 51.1.62 contains a Subscriber Cross Site Scripting (XSS) vulnerability.
Risk Assessment
An attacker could exploit this vulnerability to inject malicious scripts, potentially leading to user data theft or session hijacking.
Recommendation
It is recommended to update the King Addons plugin to the latest version to mitigate this vulnerability.
Original NVD description (English source)
Subscriber Cross Site Scripting (XSS) in King Addons for Elementor <= 51.1.62 versions.

