CVE-2025-47644

Name of the Vulnerable Software and Affected Versions Zoho CRM with Elementor form versions 1.0.0 through 1.0.7

Description The issue is related to a URL Redirection to Untrusted Site ('Open Redirect') vulnerability in the formsintegrations Integrations of Zoho CRM with Elementor form, which allows phishing attacks.

Recommendations For versions 1.0.0 through 1.0.7, consider restricting access to the vulnerable integration until a patch is available. As a temporary workaround, avoid using the integration with Elementor form in Zoho CRM until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.