| CVE-2024-8899 | Jeg Elementor Kit <= 2.6.9 - Authenticated (Contributor+) Sensitive Information Exposure via sg_content_template | jegtheme | Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress | Medium | 4.3 | 2024-11-26 11:04:30 | Deep Dive |
| CVE-2024-11034 | Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form Popup – Product Quotation <= 1.4 - Unauthenticated Arbitrary Shortcode Execution via fire_contact_form | wpbean | Request a Quote for WooCommerce – Get a Quote Button | High | 7.3 | 2024-11-23 11:23:16 | Deep Dive |
| CVE-2024-10873 | LA-Studio Element Kit for Elementor <= 1.4.2 - Authenticated (Contributor+) Local File Inclusion | choijun | LA-Studio Element Kit for Elementor | High | 8.8 | 2024-11-23 04:32:20 | Deep Dive |
| CVE-2024-10868 | Enter Addons – Ultimate Template Builder for Elementor <= 2.1.9 - Authenticated (Contributor+) Post Disclosure | themelooks | Enter Addons – Ultimate Template Builder for Elementor | Medium | 4.3 | 2024-11-23 03:25:53 | Deep Dive |
| CVE-2024-11601 | Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs) <= 2.6.1 - Cross-Site Request Forgery to Limited Arbitrary Options Update | wowdevs | Sky Addons – Elementor Addons with Widgets & Templates | High | 8.1 | 2024-11-22 05:33:41 | Deep Dive |
| CVE-2024-11104 | Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs) <= 2.6.2 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options Update | wowdevs | Sky Addons – Elementor Addons with Widgets & Templates | High | 8.1 | 2024-11-22 05:33:40 | Deep Dive |
| CVE-2024-9542 | Sky Addons for Elementor <= 2.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Content Switcher Widget Elementor Template | wowdevs | Sky Addons – Elementor Addons with Widgets & Templates | Medium | 4.3 | 2024-11-21 11:02:20 | Deep Dive |
| CVE-2024-10316 | Stratum – Elementor Widgets <= 1.4.4 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates | jetmonsters | Stratum Widgets for Elementor | Medium | 4.3 | 2024-11-21 11:02:19 | Deep Dive |
| CVE-2024-10782 | Theme Builder For Elementor <= 1.2.2 - Authenticated (Contributor+) Post Disclosure | theblockswp | Theme Builder For Elementor | Medium | 4.3 | 2024-11-21 05:33:50 | Deep Dive |
| CVE-2024-10696 | UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode) <= 1.1.8 - Insecure Direct Object Reference to Sensitive Information Exposure via UA_Template Shortcode | codersaiful | UltraAddons for Elementor | Medium | 4.3 | 2024-11-21 02:06:36 | Deep Dive |
| CVE-2024-52471 | WordPress Extensions for Elementor plugin <= 2.0.37 - Reflected Cross Site Scripting (XSS) vulnerability | petesheppard84 | Extensions for Elementor | High | 7.1 | 2024-11-20 14:32:55 | Deep Dive |
| CVE-2024-10365 | The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 6.0.3 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates | posimyththemes | The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce | Medium | 4.3 | 2024-11-20 06:42:57 | Deep Dive |
| CVE-2024-50521 | WordPress Alley Elementor Widget plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerability | alleythemes | Alley Elementor Widget | Medium | 6.5 | 2024-11-19 16:32:13 | Deep Dive |
| CVE-2024-50542 | WordPress RLM Elementor Widgets Pack plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability | zachsilberstein | RLM Elementor Widgets Pack | Medium | 6.5 | 2024-11-19 16:32:09 | Deep Dive |
| CVE-2024-50543 | WordPress amazing neo icon font for elementor plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability | mudssar | amazing neo icon font for elementor | Medium | 6.5 | 2024-11-19 16:32:08 | Deep Dive |
| CVE-2024-50553 | WordPress Classy Addons for Elementor plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability | Classy Addons | Classy Addons for Elementor | Medium | 6.5 | 2024-11-19 16:32:04 | Deep Dive |
| CVE-2024-51813 | WordPress Anant Addons for Elementor plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability | anantaddons | Anant Addons for Elementor | Medium | 6.5 | 2024-11-19 16:31:52 | Deep Dive |
| CVE-2024-51812 | WordPress Pro Addons For Elementor plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability | Wasim | Pro Addons For Elementor | Medium | 6.5 | 2024-11-19 16:31:52 | Deep Dive |
| CVE-2024-51841 | WordPress File Select Control For Elementor plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability | Abdul Awal Uzzal | File Select Control For Elementor | Medium | 6.5 | 2024-11-19 16:31:39 | Deep Dive |
| CVE-2024-51851 | WordPress best bootstrap widgets for elementor plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability | salehattari | best bootstrap widgets for elementor | Medium | 6.5 | 2024-11-19 16:31:35 | Deep Dive |