🔐 CVE Alert

CVE-2025-68500

CRITICAL 9.1

WordPress Prime Slider – Addons For Elementor plugin <= 4.0.10 - Server Side Request Forgery (SSRF) vulnerability

CVSS Score
9.1
EPSS Score
0.0%
EPSS Percentile
0th

Server-Side Request Forgery (SSRF) vulnerability in bdthemes Prime Slider – Addons For Elementor bdthemes-prime-slider-lite allows Server Side Request Forgery.This issue affects Prime Slider – Addons For Elementor: from n/a through <= 4.0.10.

CWE CWE-918
Vendor bdthemes
Product prime slider – addons for elementor
Published Dec 24, 2025
Last Updated Apr 1, 2026
Stay Ahead of the Next One

Get instant alerts for bdthemes prime slider – addons for elementor

Be the first to know when new critical vulnerabilities affecting bdthemes prime slider – addons for elementor are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

bdthemes / Prime Slider – Addons For Elementor
0 ≤ 4.0.10

References

NVD ↗ CVE.org ↗ EPSS Data ↗
patchstack.com: https://patchstack.com/database/Wordpress/Plugin/bdthemes-prime-slider-lite/vulnerability/wordpress-prime-slider-addons-for-elementor-plugin-4-0-10-server-side-request-forgery-ssrf-vulnerability?_s_id=cve

Credits

NumeX | Patchstack Bug Bounty Program