PatchSiren

King Addons CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM King Addons CVE published 2026-06-15

CVE-2026-48870

A Cross Site Scripting (XSS) vulnerability was discovered in the King Addons for Elementor plugin. This issue allows a subscriber to inject malicious scripts into the webpage, potentially leading to unauthorized actions or data theft. The vulnerability has been rated with a CVSS score of 6.5, indicating a medium severity level.