| CVE-2024-8546 | ElementsKit Elementor addons <= 3.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Widget | roxnor | ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor | Medium | 6.4 | 2024-09-25 12:44:13 | Deep Dive |
| CVE-2024-8858 | Elementor Addons by Livemesh <= 8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via piechart_settings Parameter | livemesh | Livemesh Addons by Elementor | Medium | 6.4 | 2024-09-25 10:59:52 | Deep Dive |
| CVE-2024-47303 | WordPress Elementor Addons by Livemesh plugin <= 8.5 - Cross Site Scripting (XSS) vulnerability | livemesh | Livemesh Addons for Elementor | Medium | 6.5 | 2024-09-25 08:01:35 | Deep Dive |
| CVE-2024-8910 | HT Mega – Absolute Addons For Elementor <= 2.6.5 - Authenticated (Contributor+) Sensitive Information Exposure via template_id | devitemsllc | HT Mega Addons for Elementor – Elementor Widgets & Template Builder | Medium | 4.3 | 2024-09-25 06:49:00 | Deep Dive |
| CVE-2024-8668 | ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) <= 2.9.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | devitemsllc | ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin | Medium | 6.4 | 2024-09-25 04:30:28 | Deep Dive |
| CVE-2024-8516 | Themesflat Addons For Elementor <= 2.2.1 - Authenticated (Contributor+) Information Exposure | themesflat | Themesflat Addons For Elementor | Medium | 4.3 | 2024-09-25 03:27:41 | Deep Dive |
| CVE-2024-8515 | Themesflat Addons For Elementor <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | themesflat | Themesflat Addons For Elementor | Medium | 6.4 | 2024-09-25 03:27:39 | Deep Dive |
| CVE-2024-9068 | OneElements – Best Elementor Addons <= 1.3.7 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | themexclub | OneElements – Best Elementor Addons | Medium | 6.4 | 2024-09-25 02:05:11 | Deep Dive |
| CVE-2024-9069 | Graphicsly – The ultimate graphics plugin for WordPress website builder ( Gutenberg, Elementor, Beaver Builder, WPBakery ) <= 1.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | besnikac | Graphicsly – The ultimate graphics plugin for WordPress website builder ( Gutenberg, Elementor, Beaver Builder, WPBakery ) | Medium | 6.4 | 2024-09-25 02:05:07 | Deep Dive |
| CVE-2024-8801 | Happy Addons for Elementor <= 3.12.2 - Authenticated (Contributor+) Sensitive Information Exposure | thehappymonster | Happy Addons for Elementor | Medium | 4.3 | 2024-09-24 11:00:46 | Deep Dive |
| CVE-2024-44001 | WordPress Royal Elementor Addons and Templates plugin <= 1.3.982 - Cross Site Scripting (XSS) vulnerability | WP Royal | Royal Elementor Addons | Medium | 6.5 | 2024-09-17 23:13:11 | Deep Dive |
| CVE-2024-44007 | WordPress SKT Templates – Elementor & Gutenberg templates plugin <= 6.14 - Reflected Cross Site Scripting (XSS) vulnerability | sonalsinha21 | SKT Templates – Elementor & Gutenberg templates | High | 7.1 | 2024-09-17 23:04:41 | Deep Dive |
| CVE-2024-43977 | WordPress The Plus Addons for Elementor plugin <= 5.6.2 - Cross Site Scripting (XSS) vulnerability | POSIMYTH | The Plus Addons for Elementor Page Builder Lite | Medium | 5.9 | 2024-09-17 22:38:59 | Deep Dive |
| CVE-2024-8742 | Essential Addons for Elementor <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery Widget | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | Medium | 6.4 | 2024-09-13 06:47:29 | Deep Dive |
| CVE-2024-5416 | Elementor Website Builder – More than Just a Page Builder <= 3.23.4 - Authenticated (Contributor+) Stored Cross-Site Scripting in the URL Parameter in Multiple Widgets | elemntor | Elementor Website Builder – more than just a page builder | Medium | 5.4 | 2024-09-11 11:32:03 | Deep Dive |
| CVE-2024-8440 | Essential Addons for Elementor -- Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text Widget | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | Medium | 6.4 | 2024-09-11 06:42:25 | Deep Dive |
| CVE-2024-6282 | Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor <= 2.0.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via data-jltma-wrapper-link Element | litonice13 | Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Builder & Template Kits | Medium | 5.4 | 2024-09-10 11:30:31 | Deep Dive |
| CVE-2024-7611 | Enter Addons – Ultimate Template Builder for Elementor <= 2.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Events Card Widget | themelooks | Enter Addons – Ultimate Template Builder for Elementor | Medium | 6.4 | 2024-09-06 13:55:22 | Deep Dive |
| CVE-2024-7122 | Elementor Addon Elements <= 1.13.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets | wpvibes | Addon Elements for Elementor (formerly Elementor Addon Elements) | Medium | 6.4 | 2024-08-30 09:29:48 | Deep Dive |
| CVE-2024-4401 | Elementor Addon Elements <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via id and eae_slider_animation Parameters | wpvibes | Addon Elements for Elementor (formerly Elementor Addon Elements) | Medium | 6.4 | 2024-08-30 03:24:17 | Deep Dive |