| CVE-2024-51852 | WordPress Dynamic Post Grid Elementor Addon plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability | Maidul | Dynamic Post Grid Elementor Addon | Medium | 6.5 | 2024-11-19 16:31:34 | Deep Dive |
| CVE-2024-51856 | WordPress Moose Elementor Kit plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability | ibllex | Moose Elementor Kit | Medium | 6.5 | 2024-11-19 16:31:32 | Deep Dive |
| CVE-2024-51870 | WordPress Ultimate Flipbox Addon for Elementor plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability | dragwyb | Ultimate Flipbox Addon for Elementor | Medium | 6.5 | 2024-11-19 16:31:24 | Deep Dive |
| CVE-2024-51894 | WordPress Topbar ID for Elementor plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability | reyzua | Topbar ID for Elementor | Medium | 6.5 | 2024-11-19 16:31:12 | Deep Dive |
| CVE-2024-51893 | WordPress Postify: Post Layout For Elementor plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability | FixoLab | Postify: Post Layout For Elementor | Medium | 6.5 | 2024-11-19 16:31:12 | Deep Dive |
| CVE-2024-51927 | WordPress Rig Elements For Elementor plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability | Asaduzzaman Abir | Rig Elements For Elementor | Medium | 6.5 | 2024-11-19 16:30:55 | Deep Dive |
| CVE-2024-51938 | WordPress Charity Addon for Elementor plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability | nicheaddons | Charity Addon for Elementor | Medium | 6.5 | 2024-11-19 16:30:48 | Deep Dive |
| CVE-2024-52425 | WordPress Drozd – Addons for Elementor plugin <= 1.1.1 - Stored Cross Site Scripting (XSS) vulnerability | Vladislav Urchenko | Drozd – Addons for Elementor | Medium | 6.5 | 2024-11-18 15:30:01 | Deep Dive |
| CVE-2024-6628 | EleForms – All In One Form Integration including DB for Elementor <= 2.9.9.9 - Cross-Site Request Forgery | cscode | EleForms – All In One Form Integration including DB for Elementor | Medium | 4.3 | 2024-11-16 03:20:51 | Deep Dive |
| CVE-2024-9935📌💣 | PDF Generator Addon for Elementor Page Builder <= 2.0.0 - Unauthenticated Arbitrary File Download EPSS 0.94 | redefiningtheweb | PDF Generator for WordPress Elementor | High | 7.5 | 2024-11-16 03:20:45 | Deep Dive |
| CVE-2024-8978 | Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders <= 6.0.9 - Authenticated (Contributor+) Sensitive Information Exposure | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | Medium | 5.7 | 2024-11-15 09:29:40 | Deep Dive |
| CVE-2024-8979 | Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders <= 6.0.9 - Authenticated (Author+) Sensitive Information Exposure to Privilege Escalation | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | High | 8.0 | 2024-11-15 09:29:39 | Deep Dive |
| CVE-2024-8961 | Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders <= 6.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | Medium | 6.4 | 2024-11-15 06:48:03 | Deep Dive |
| CVE-2024-10582 | Music Player for Elementor – Audio Player & Podcast Player <= 2.4.1 - Missing Authorization to Authenticated (Subscriber+) Template Import | smartwpress | Music Player for Elementor – Audio Player & Podcast Player | Medium | 4.3 | 2024-11-15 05:30:55 | Deep Dive |
| CVE-2024-10897 | Tutor LMS Elementor Addons <= 2.1.5 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Installation | themeum | Tutor LMS Elementor Addons | Medium | 4.3 | 2024-11-15 04:29:05 | Deep Dive |
| CVE-2024-9682 | Royal Elementor Addons and Templates <= 1.7.1001 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Form Builder Widget | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 6.4 | 2024-11-13 08:29:35 | Deep Dive |
| CVE-2024-9668 | Royal Elementor Addons and Templates <= 1.7.1001 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 6.4 | 2024-11-13 08:29:35 | Deep Dive |
| CVE-2024-9059 | Royal Elementor Addons and Template <= 1.7.1001 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Google Maps Widget | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 6.4 | 2024-11-13 08:29:34 | Deep Dive |
| CVE-2024-10794 | Boostify Header Footer Builder for Elementor <= 1.3.6 - Authenticated (Contributor+) Post Disclosure | duongancol | Boostify Header Footer Builder for Elementor | Medium | 4.3 | 2024-11-13 03:20:06 | Deep Dive |
| CVE-2024-10850 | Razorpay Payment Button for Elementor <= 1.2.5 - Reflected Cross-Site Scripting | razorpay | Razorpay Payment Button Elementor Plugin | Medium | 6.1 | 2024-11-13 02:02:33 | Deep Dive |