Missing Authorization in Huger for Elementor Affects Users
CVE-2025-68088

Currently unrated

Key Information:

Vendor

WordPress
Status
Huger For Elementor
Vendor
CVE Published:
16 December 2025

What is CVE-2025-68088?

The Huger for Elementor plugin presents a missing authorization vulnerability that allows attackers to exploit improperly configured access control levels. This issue affects versions of the plugin from n/a through 1.1.5, potentially granting unauthorized access to sensitive areas or functionalities of the site. Users of this plugin should take immediate steps to assess their installations and apply appropriate security measures to prevent exploitation.

Affected Version(s)

Huger for Elementor <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/huge...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Phat RiO - BlueRock | Patchstack Bug Bounty Program
JSON
.
CVE-2025-68088 : Missing Authorization in Huger for Elementor Affects Users