Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elementor website builder vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-33922
Missing Authorization vulnerability in Elementor Elementor Website Builder.This issue affects Elementor Website Builder: from n/a up to and including 3.13.2.
NA
CVE-2024-4619
The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘hover_animation’ parameter in versions up to, and including, 3.21.4 due to insufficient input sanitization and outp...
NA
CVE-2024-24934
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Elementor Elementor Website Builder allows Manipulating Web Input to File System Calls.This issue affects Elementor Website Builder: from n/a up to and including 3.19.0.
NA
CVE-2024-4107
The Elementor Website Builder – More than Just a Page Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the several parameters in versions up to, and including, 3.21.0 due to insufficient input sanitization and output escaping. This makes it ...
NA
CVE-2023-47504
Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Elementor Website Builder: from n/a up to and including 3.16.4.
NA
CVE-2024-2117
The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Path Widget in all versions up to, and including, 3.20.2 due to insufficient output escaping on user supplied attributes. Th...
NA
CVE-2024-1364
The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget's custom_id in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possi...
NA
CVE-2024-1521
The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an SVGZ file uploaded via the Form widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping. This makes it possible for au...
NA
CVE-2024-2781
The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the video_html_tag attribute in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated a...
NA
CVE-2024-2120
The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Post Navigation widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escapi...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege
CVE-2022-48762
CVE-2022-48751
CVE-2024-37079
CVE-2024-30848
LFI
man-in-the-middle
CVE-2022-48736
CVE-2024-30103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »