Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elementor elementor pro vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-32241
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPDeveloper Essential Addons for Elementor Pro plugin <= 5.4.8 versions.
Wpdeveloper Essential Addons For Elementor
6.1
CVSSv3
CVE-2023-2324
The Elementor Forms Google Sheet Connector WordPress plugin prior to 1.0.7, gsheetconnector-for-elementor-forms-pro WordPress plugin up to and including 1.0.7 does not escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting whic...
Gsheetconnector Elementor Forms Google Sheet Connector
6.1
CVSSv3
CVE-2023-34012
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Premium Addons for Elementor Premium Addons PRO plugin <= 2.8.24 versions.
Leap13 Premium Addons For Elementor
6.1
CVSSv3
CVE-2018-18379
The elementor-edit-template class in wp-admin/customize.php in the Elementor Pro plugin prior to 2.0.10 for WordPress has XSS.
Elementor Elementor Page Builder
5.4
CVSSv3
CVE-2024-4203
The Premium Addons Pro for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the maps widget in all versions up to, and including, 4.10.30 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible ...
5.4
CVSSv3
CVE-2021-24292
The Happy Addons for Elementor WordPress plugin prior to 2.24.0, Happy Addons Pro for Elementor WordPress plugin prior to 1.17.0 have a number of widgets that are vulnerable to stored Cross-Site Scripting(XSS) by lower-privileged users such as contributors, all via a similar meth...
Wedevs Happy Addons For Elementor
5.3
CVSSv3
CVE-2023-0443
The AnyWhere Elementor WordPress plugin prior to 1.2.8 discloses a Freemius Secret Key which could be used by an malicious user to purchase the pro subscription using test credit card numbers without actually paying the amount. Such key has been revoked.
Wpvibes Anywhere Elementor
NA
CVE-2024-5086
The Essential Addons for Elementor PRO – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Team Member Carousel widget in all Pro versions up to, and including, 5.8.14 d...
NA
CVE-2023-47178
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in POSIMYTH Innovation The Plus Addons for Elementor Pro allows PHP Local File Inclusion.This issue affects The Plus Addons for Elementor Pro: from n/a up to and including 5.2.8...
NA
CVE-2024-4107
The Elementor Website Builder – More than Just a Page Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the several parameters in versions up to, and including, 3.21.0 due to insufficient input sanitization and output escaping. This makes it ...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »