Cross-site Scripting Vulnerability in HT Slider For Elementor by HT Plugins
CVE-2025-53199

6.5MEDIUM

Key Information:

Vendor: WordPress
Status: Ht Slider For Elementor
Vendor: CVE Published:; 27 June 2025

What is CVE-2025-53199?

A Cross-site Scripting (XSS) vulnerability exists in HT Slider For Elementor, provided by HT Plugins, allowing attackers to execute arbitrary JavaScript in the context of a user's browser. This vulnerability arises from improper handling of input during webpage generation, which may permit malicious scripts to be injected through the affected plugin versions ranging from n/a to 1.6.5, potentially compromising user data and security.

Affected Version(s)

HT Slider For Elementor <= 1.6.5

References

https://patchstack.com/database/wordpress/plugin/ht-slide...

vdb-entry

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 27, 2025
Vulnerability Reserved
Jun 27, 2025

Credit

theviper17 (Patchstack Alliance)