CVE-2025-32641: CSRF in Anant Addons for Elementor
Platform
wordpress
Component
anant-addons-for-elementor
Fixed in
1.1.9
CVE-2025-32641 describes a Cross-Site Request Forgery (CSRF) vulnerability discovered in Anant Addons for Elementor, a plugin for the Elementor page builder. This flaw allows an attacker to trick a logged-in user into unknowingly executing malicious actions, potentially leading to unauthorized modifications to the website. The vulnerability impacts versions from 0.0.0 up to and including 1.1.8, with a fix available in version 1.1.6.
Impact and Attack Scenarios
A successful CSRF attack can have significant consequences for websites using Anant Addons for Elementor. An attacker could leverage this vulnerability to modify website content, change user roles and permissions, or even delete critical data. The attacker does not need to authenticate to exploit the vulnerability; they only need to trick a legitimate user into visiting a malicious link or page. This could be achieved through phishing emails, malicious advertisements, or compromised third-party websites. The blast radius extends to any user with access to the affected plugin, making it a widespread concern for Elementor-based websites.
Exploitation Context
CVE-2025-32641 was published on April 9, 2025. As of this date, there are no publicly known active campaigns exploiting this specific vulnerability. No KEV or EPSS score is currently assigned. While no public Proof-of-Concept (PoC) code has been released, the CSRF nature of the vulnerability makes it relatively easy to exploit, increasing the likelihood of future exploitation attempts.
Threat Intelligence
- EPSS: 0.12% (31st percentile)
CVSS Vector
- Attack Vector: Network — remotely exploitable over the internet. No physical or local access required. Widest attack surface.
- Attack Complexity: Low — no special conditions required. Attacker can exploit reliably without depending on rare configurations or timing.
- Privileges Required: None — unauthenticated. No login or credentials needed to exploit.
- User Interaction: Required — victim must take an action: open a file, click a link, or visit a crafted page.
- Scope: Changed — successful attack can pivot beyond the vulnerable component to other systems or the host OS.
- Confidentiality: High — complete confidentiality loss. Attacker can read all data: credentials, keys, personal data.
- Integrity: High — attacker can write, modify, or delete any data: databases, config files, or code.
- Availability: High — complete crash or resource exhaustion. Full denial of service.
Affected Software
Package Information
- Active installs: 800 (Niche)
- Plugin rating: 0.0
- Requires WordPress: 6.7+
- Compatible up to: 6.9.4
- Requires PHP: 7.4+
Mitigation and Workarounds
The primary mitigation for CVE-2025-32641 is to immediately upgrade Anant Addons for Elementor to version 1.1.6 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider deploying a Web Application Firewall (WAF) with CSRF protection rules, which can help detect and block forged cross-site requests. Additionally, ensure that all user input is properly validated and sanitized to prevent other potential vulnerabilities. After upgrading, verify the fix on a test environment by confirming that a request lacking a valid nonce for the affected action is rejected.
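The code-level fix for a CSRF bug of this kind in a WordPress plugin is a nonce check plus a capability check in the request handler. The following is an added illustration, not the plugin's own code or its actual patch; every name prefixed `anant_demo_` (the handler functions, the `anant_demo_install` action, and the `anant-demo-admin` script handle, assumed to be registered elsewhere) is hypothetical, while the WordPress core functions used are real.

```php
<?php
// Added example (not the plugin's own code): the WordPress CSRF fix pattern for an
// admin-ajax handler that installs a plugin. Names prefixed anant_demo_ are hypothetical.

// Shared install step, using WordPress core's upgrader API.
function anant_demo_do_install( $slug ) {
    require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
    require_once ABSPATH . 'wp-admin/includes/plugin-install.php';
    $api = plugins_api( 'plugin_information',
        array( 'slug' => $slug, 'fields' => array( 'sections' => false ) ) );
    if ( is_wp_error( $api ) ) {
        wp_send_json_error( array( 'message' => $api->get_error_message() ), 400 );
    }
    $upgrader = new Plugin_Upgrader( new WP_Ajax_Upgrader_Skin() );
    return $upgrader->install( $api->download_link );
}

// VULNERABLE PATTERN: no nonce and no capability check. A logged-in administrator who
// lands on a crafted page has their browser submit this request with their own cookies,
// so whatever slug that page chose gets installed. This is the bug class the advisory describes.
function anant_demo_install_vulnerable() {
    $slug = sanitize_key( $_POST['slug'] ?? '' );
    wp_send_json_success( array( 'installed' => anant_demo_do_install( $slug ) ) );
}

// HARDENED: the nonce is bound to this action and this user's session, so a cross-site
// form cannot supply it; the capability check is a separate authorization step.
function anant_demo_install_hardened() {
    // Sends a 403 and exits unless $_POST['_ajax_nonce'] is a valid nonce for the action.
    check_ajax_referer( 'anant_demo_install', '_ajax_nonce' );
    if ( ! current_user_can( 'install_plugins' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient privileges' ), 403 );
    }
    $slug = sanitize_key( $_POST['slug'] ?? '' );
    if ( '' === $slug ) {
        wp_send_json_error( array( 'message' => 'Missing plugin slug' ), 400 );
    }
    wp_send_json_success( array( 'installed' => anant_demo_do_install( $slug ) ) );
}
// Register only for authenticated users (deliberately no wp_ajax_nopriv_ hook).
add_action( 'wp_ajax_anant_demo_install', 'anant_demo_install_hardened' );

// The legitimate admin page hands the nonce to its own script, which posts it as _ajax_nonce.
add_action( 'admin_enqueue_scripts', function () {
    wp_localize_script( 'anant-demo-admin', 'anantDemo',
        array( 'nonce' => wp_create_nonce( 'anant_demo_install' ) ) );
} );
```

A WAF rule can only approximate this: it cannot validate the nonce, so the server-side check remains the real fix.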
How to fix
Update the Anant Addons for Elementor plugin to the latest available version to mitigate the CSRF vulnerability that allows arbitrary plugin installation. Check for available updates in the WordPress admin panel or in the WordPress plugin repository.
Frequently asked questions
What is CVE-2025-32641 — CSRF in Anant Addons for Elementor?
CVE-2025-32641 is a CRITICAL Cross-Site Request Forgery (CSRF) vulnerability affecting Anant Addons for Elementor. It allows attackers to perform unauthorized actions on a user's account without their knowledge.
Am I affected by CVE-2025-32641 in Anant Addons for Elementor?
You are affected if you are using Anant Addons for Elementor versions 0.0.0 through 1.1.8. Upgrade to 1.1.6 or later to mitigate the risk.
How do I fix CVE-2025-32641 in Anant Addons for Elementor?
The recommended fix is to upgrade Anant Addons for Elementor to version 1.1.6 or a later version. As a temporary workaround, implement a WAF with CSRF protection rules.
Is CVE-2025-32641 being actively exploited?
As of April 9, 2025, there are no publicly known active campaigns exploiting this vulnerability, but the ease of exploitation suggests potential future attacks.
Where can I find the official Anant Addons advisory for CVE-2025-32641?
Refer to the Anant Addons website and Elementor's security advisory channels for the official advisory regarding CVE-2025-32641.