Cross-Site Request Forgery Vulnerability in Zita Elementor Site Library Plugin by WordPress

CVE-2026-25319

What is CVE-2026-25319?

The Zita Elementor Site Library for WordPress has a Cross-Site Request Forgery (CSRF) vulnerability, affecting versions up to 1.6.6. This security flaw allows attackers to deceive authenticated users into executing unwanted actions on a web application. When the target user is tricked into clicking a malicious link or loading a malicious website, the attacker can potentially manipulate the user’s privileges or perform actions without their consent. This vulnerability underscores the importance of implementing security measures such as nonce verification and user authentication to protect against CSRF attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References