| CVE-2023-27454 | WordPress Rife Elementor Extensions & Templates plugin <= 1.1.10 - Broken Access Control vulnerability | Apollo13Themes | Rife Elementor Extensions & Templates | Medium | 5.4 | 2024-12-09 11:31:23 | Deep Dive |
| CVE-2023-47826 | WordPress Restaurant & Cafe Addon for Elementor plugin <= 1.5.3 - Broken Access Control vulnerability | NicheAddons | Restaurant & Cafe Addon for Elementor | Medium | 6.5 | 2024-12-09 11:30:41 | Deep Dive |
| CVE-2023-48750 | WordPress Void Elementor Post Grid Addon for Elementor Page builder plugin <= 2.1.10 - Broken Access Control vulnerability | voidthemes | Void Elementor Post Grid Addon for Elementor Page builder | Medium | 5.3 | 2024-12-09 11:30:27 | Deep Dive |
| CVE-2023-49755 | WordPress Elementor Timeline Widget plugin <= 2.2 - Notice Dismissal Vulnerability | B.M. Rafiul Alam | Elementor Timeline Widget | Medium | 5.4 | 2024-12-09 11:30:14 | Deep Dive |
| CVE-2023-50884 | WordPress LA-Studio Element Kit for Elementor plugin <= 1.1.5 - Broken Access Control vulnerability | LA-Studio | LA-Studio Element Kit for Elementor | Medium | 6.5 | 2024-12-09 11:29:56 | Deep Dive |
| CVE-2024-11367 | Smoove connector for Elementor forms <= 4.1.0 - Reflected Cross-Site Scripting | matansmoove | Smoove connector for Elementor forms | Medium | 6.1 | 2024-12-07 09:27:05 | Deep Dive |
| CVE-2024-53796 | WordPress Themesflat Addons For Elementor plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability | Themesflat | themesflat-addons-for-elementor | Medium | 6.5 | 2024-12-06 13:07:35 | Deep Dive |
| CVE-2024-53823 | WordPress The Plus Addons for Elementor plugin <= 5.6.14 - Cross Site Scripting (XSS) vulnerability | POSIMYTH | The Plus Addons for Elementor Page Builder Lite | Medium | 6.5 | 2024-12-06 13:07:31 | Deep Dive |
| CVE-2024-54210 | WordPress Advanced Element Bucket Addons for Elementor plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability | codexshaper | Advanced Element Bucket Addons for Elementor | Medium | 6.5 | 2024-12-06 13:07:28 | Deep Dive |
| CVE-2024-54212 | WordPress Magical Addons For Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability | Noor Alam | Magical Addons For Elementor | Medium | 6.5 | 2024-12-06 13:07:27 | Deep Dive |
| CVE-2024-10689 | XLTab – Accordions and Tabs for Elementor Page Builder <= 1.4 - Authenticated (Contributor+) Post Disclosure | webangon | XLTab – Accordions and Tabs for Elementor Page Builder | Medium | 4.3 | 2024-12-06 08:24:59 | Deep Dive |
| CVE-2024-10692 | PowerPack Elementor Addons (Free Widgets, Extensions and Templates) <= 2.8.1 - Authenticated (Contributor+) Post Disclosure | ideaboxcreations | PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) | Medium | 4.3 | 2024-12-06 08:24:58 | Deep Dive |
| CVE-2024-12110 | Gold Addons for Elementor <= 1.3.2 - Missing Authorization to Authenticated (Subscriber+) License Activation/Deactivation | jerryscg | Gold Addons for Elementor | Medium | 4.3 | 2024-12-06 08:24:55 | Deep Dive |
| CVE-2024-10777 | AnyWhere Elementor <= 1.2.11 - Authenticated (Contributor+) Post Disclosure | wpvibes | Dynific Addons for Elementor (formerly AnyWhere Elementor) | Medium | 4.3 | 2024-12-05 09:23:07 | Deep Dive |
| CVE-2024-8962 | WPBITS Addons For Elementor Page Builder <= 1.5.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | wpbits | WPBITS Addons For Elementor Page Builder | Medium | 6.4 | 2024-12-04 11:08:27 | Deep Dive |
| CVE-2024-10787 | LA-Studio Element Kit for Elementor <= 1.4.4 - Authenticated (Contributor+) Post Disclosure | choijun | LA-Studio Element Kit for Elementor | Medium | 4.3 | 2024-12-04 08:22:46 | Deep Dive |
| CVE-2024-10663 | Eleblog – Elementor Blog And Magazine Addons <= 1.8 - Missing Authorization to Authenticated (Subscriber+) Deactivation Submission | smarettheme | Eleblog – Elementor Blog And Magazine Addons | Medium | 4.3 | 2024-12-04 02:40:28 | Deep Dive |
| CVE-2024-12062 | Charity Addon for Elementor <= 1.3.3 - Authenticated (Contributor+) Post Disclosure | nicheaddons | Charity Addon for Elementor | Medium | 4.3 | 2024-12-03 09:32:01 | Deep Dive |
| CVE-2024-9058 | Element Pack Elementor Addons <= 5.10.5 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Lightbox Widget | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-12-03 06:50:54 | Deep Dive |
| CVE-2024-9694 | CMSMasters Elementor Addon <= 1.14.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets | CMSMasters | CMSMasters Elementor Addon | Medium | 6.4 | 2024-12-03 02:05:36 | Deep Dive |