CVE-2025-46259
WordPress The Plus Addons for Elementor - Pro Plugin < 6.3.7 - Broken Access Control vulnerabilityMissing Authorization vulnerability in POSIMYTH Innovation The Plus Addons for Elementor Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Plus Addons for Elementor Pro: from n/a before 6.3.7.
We have discovered 2,205 live websites that are affected by CVE-2025-46259.
Affected Software
| Product | |
| Category | Wordpress Plugins |
| Vulnerable Domains | 2,205 live websites (100% of The Plus Addons for Elementor Pro install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 80 versions ( 100% of all versions) |
Common Weakness Enumeration
CWE-862 Missing AuthorizationDetails
- Published - Jul 1, 2025
- Updated - Jul 1, 2025
Credits
- Rafie Muhammad (Patchstack) (finder)
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2025-46259 United States | 789 websites |
 Germany | 255 websites |
 France | 143 websites |
 Russia | 88 websites |
 GB | 84 websites |
 Cyprus | 72 websites |
 Italy | 49 websites |
 Iran | 49 websites |
 Spain | 44 websites |
 Netherlands | 43 websites |
Website Distribution by TLD
Number of websites using CVE-2025-46259| .com | 918 websites |
| .org | 90 websites |
| .de | 82 websites |
| .ru | 69 websites |
| .com.au | 69 websites |
| .fr | 65 websites |
| .co.uk | 63 websites |
| .com.br | 58 websites |
| .it | 51 websites |
| .nl | 39 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2025-46259
Top websites that are affected by CVE-2025-46259. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *****************.info |  Bulgaria | **,*** | |
| ****.com | United States | **,*** | |
| ****.org | United States | **,*** | |
| ***********.**.gr | Germany | **,*** | |
| *****************.***.sg |  Singapore | ***,*** | |
| ************.com | United States | ***,*** | |
| ********.com | GB | ***,*** | |
| ***.***.ng |  Nigeria | ***,*** | |
| ********************.fr | France | ***,*** | |
| **********.org | United States | ***,*** |
FAQ
CVE-2025-46259 is Missing Authorization in The Plus Addons for Elementor Pro
A total of 2,205 websites have been identified as vulnerable to CVE-2025-46259, based on global website indexing conducted by WebTechSurvey.
The The Plus Addons for Elementor Pro is affected by the CVE-2025-46259 vulnerability.
The Plus Addons for Elementor Pro versions up to 6.3.7 are vulnerable to CVE-2025-46259.
CVE-2025-46259 is resolved in version 6.3.7 of The Plus Addons for Elementor Pro.