CVE-2025-22786 | WordPress ElementInvader Addons for Elementor plugin <= 1.2.6 - Local File Inclusion vulnerability
Path Traversal: '.../...//' vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows PHP Local File Inclusion.This issue affects ElementInvader Addons for Elementor: from n/a through <= 1.2.6.
Conclusion & alert: CVE-2025-22786 is rated Moderate Risk (46.6/100): CVSS High severity, with low exploitation likelihood (EPSS 0.66%).Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
Exploit prediction scoring system (EPSS) score for CVE-2025-22786
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).