| CVE-2024-13734 | Card Elements for Elementor <= 1.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Profile Card Widget | techeshta | Card Elements for Elementor | Medium | 6.4 | 2025-02-27 09:21:48 | Deep Dive |
| CVE-2025-1295 | Templines Elementor Helper Core <= 2.7 - Authenticated (Subscriber+) Privilege Escalation | Templines | Templines Elementor Helper Core | High | 8.8 | 2025-02-27 05:23:05 | Deep Dive |
| CVE-2025-1517 | Sina Extension for Elementor <= 3.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text, Countdown Widget, and Login Form Shortcodes | shaonsina | Sina Extension for Elementor | Medium | 6.4 | 2025-02-26 08:21:57 | Deep Dive |
| CVE-2024-13113 | Countdown Timer for Elementor < 1.3.7 - Contributor+ Stored XSS | Unknown | Countdown Timer for Elementor | 中危 | - | 2025-02-26 06:00:08 | Deep Dive |
| CVE-2025-26983 | WordPress Recipe Card Blocks for Gutenberg & Elementor plugin <= 3.4.3 - Broken Access Control vulnerability | WPZOOM | Recipe Card Blocks for Gutenberg & Elementor | Medium | 4.3 | 2025-02-25 14:17:59 | Deep Dive |
| CVE-2025-26912 | WordPress Easy Elementor Addons plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability | hashthemes | Easy Elementor Addons | Medium | 6.5 | 2025-02-25 14:17:54 | Deep Dive |
| CVE-2024-54444 | WordPress Elementor plugin <= 3.25.10 - Cross Site Scripting (XSS) vulnerability | Elementor | Elementor Website Builder | Medium | 6.5 | 2025-02-25 14:17:50 | Deep Dive |
| CVE-2024-13564 | Rife Elementor Extensions & Templates <= 1.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Writing Effect Headline Shortcode | apollo13themes | Rife Extensions & Templates for Elementor | Medium | 6.4 | 2025-02-22 08:22:06 | Deep Dive |
| CVE-2024-13353 | Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates <= 1.6.4 - Authenticated (Contributor+) Local File Inclusion | cyberchimps | Responsive Addons for Elementor – Free Elementor Addons, Kits and Elementor Templates | High | 8.8 | 2025-02-21 09:21:06 | Deep Dive |
| CVE-2024-13855 | Prime Addons for Elementor <= 2.0.1 - Authenticated (Contributor+) Insecure Direct Object Reference via pae_global_block Shortcode | nilambar | Prime Addons for Elementor | Medium | 4.3 | 2025-02-20 09:21:39 | Deep Dive |
| CVE-2024-13155 | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.140 - Authenticated (Contributor+) Stored Cross-Site Scripting via Transparent Split Hero Widget | unitecms | Unlimited Elements For Elementor | Medium | 6.4 | 2025-02-20 07:33:37 | Deep Dive |
| CVE-2024-13445 | Elementor Website Builder – More Than Just a Page Builder <= 3.27.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | elemntor | Elementor Website Builder – more than just a page builder | Medium | 6.4 | 2025-02-20 04:22:25 | Deep Dive |
| CVE-2025-0968 | ElementsKit Elementor addons <= 3.4.0 - Unauthenticated Information Exposure via get_megamenu_content Function | roxnor | ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor | Medium | 5.3 | 2025-02-19 11:10:39 | Deep Dive |
| CVE-2024-13854 | Education Addon for Elementor <= 1.3.1 - Authenticated (Contributor+) Insecure Direct Object Reference via naedu_elementor_template Shortcode | nicheaddons | Education Addon for Elementor | Medium | 4.3 | 2025-02-19 07:32:09 | Deep Dive |
| CVE-2025-1441 | Royal Elementor Addons and Templates <= 1.7.1007 - Cross-Site Request Forgery to Reflected Cross-Site Scripting | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 6.1 | 2025-02-19 04:21:29 | Deep Dive |
| CVE-2024-13797 | PressMart - Modern Elementor WooCommerce WordPress Theme <= 1.2.16 - Unauthenticated Arbitrary Shortcode Execution | PressLayouts | PressMart - Modern Elementor WooCommerce WordPress Theme | High | 7.3 | 2025-02-18 11:10:18 | Deep Dive |
| CVE-2025-26772 | WordPress DethemeKit For Elementor plugin <= 2.1.8 - Cross Site Scripting (XSS) vulnerability | Detheme | DethemeKit For Elementor | Medium | 6.5 | 2025-02-17 11:38:15 | Deep Dive |
| CVE-2025-26769 | WordPress Vertex Addons for Elementor plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability | Webilia Inc. | Vertex Addons for Elementor | Medium | 6.5 | 2025-02-17 11:38:14 | Deep Dive |
| CVE-2025-26761 | WordPress Easy Elementor Addons plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerability | hashthemes | Easy Elementor Addons | Medium | 6.5 | 2025-02-16 22:17:18 | Deep Dive |
| CVE-2025-1005 | ElementsKit Elementor addons <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion Widget | roxnor | ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor | Medium | 6.4 | 2025-02-15 09:24:22 | Deep Dive |