| CVE-2024-4156 | Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.17 - Authenticated (Contributor+) Stored Cross-Site Scripting | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | Medium | 6.4 | 2024-05-02 16:51:52 | Deep Dive |
| CVE-2024-4003 | Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.15 - Authenticated (Contributor+) Stored Cross-Site Scripting | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | Medium | 6.4 | 2024-05-02 16:51:51 | Deep Dive |
| CVE-2024-2085 | HT Mega – Absolute Addons For Elementor <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'size' | devitemsllc | HT Mega Addons for Elementor – Elementor Widgets & Template Builder | Medium | 6.4 | 2024-05-02 16:51:45 | Deep Dive |
| CVE-2024-3074 | Elementor ImageBox <= 1.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting | flickdevs | Elementor ImageBox | Medium | 6.4 | 2024-05-02 16:51:44 | Deep Dive |
| CVE-2024-3005 | LA-Studio Element Kit for Elementor <= 1.3.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via LaStudioKit Post Author Widget | choijun | LA-Studio Element Kit for Elementor | Medium | 6.4 | 2024-05-02 11:02:24 | Deep Dive |
| CVE-2024-0334 | Jeg Elementor Kit <= 2.6.4 - Authenticated (Contributor+) Cross-Site Scripting via Elementor Widget URL Custom Attributes | jegtheme | Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress | Medium | 6.4 | 2024-05-01 12:46:31 | Deep Dive |
| CVE-2024-33595 | WordPress Master Addons for Elementor plugin <= 2.0.5.4.1 - Broken Access Control on Duplicate Post vulnerability | Jewel Theme | Master Addons for Elementor | Medium | 4.3 | 2024-04-29 09:16:00 | Deep Dive |
| CVE-2024-33635 | WordPress Piotnet Addons For Elementor Pro plugin <= 7.1.17 - Unauthenticated Arbitrary Post/Page Deletion vulnerability | Piotnet | Piotnet Addons For Elementor Pro | High | 7.5 | 2024-04-29 08:23:22 | Deep Dive |
| CVE-2024-33634 | WordPress Piotnet Addons For Elementor Pro plugin <= 7.1.17 - Unauthenticated Server Side Request Forgery (SSRF) vulnerability | Piotnet | Piotnet Addons For Elementor Pro | Medium | 5.4 | 2024-04-29 07:44:51 | Deep Dive |
| CVE-2024-33632 | WordPress Piotnet Addons For Elementor Pro plugin <= 7.1.17 - Cross Site Request Forgery (CSRF) vulnerability | Piotnet | Piotnet Addons For Elementor Pro | Medium | 5.4 | 2024-04-29 05:58:58 | Deep Dive |
| CVE-2024-33539 | WordPress WPZOOM Addons for Elementor plugin <= 1.1.35 - Cross Site Scripting (XSS) vulnerability | WPZOOM | WPZOOM Addons for Elementor (Templates, Widgets) | Medium | 6.5 | 2024-04-29 05:23:31 | Deep Dive |
| CVE-2024-33630 | WordPress Piotnet Addons For Elementor plugin <= 2.4.26 - Cross Site Scripting (XSS) vulnerability | Piotnet | Piotnet Addons For Elementor | Medium | 6.5 | 2024-04-29 05:11:36 | Deep Dive |
| CVE-2024-33631 | WordPress Piotnet Addons For Elementor Pro plugin <= 7.1.17 - Authenticated Stored Cross Site Scripting (XSS) vulnerability | Piotnet | Piotnet Addons For Elementor Pro | Medium | 6.5 | 2024-04-29 05:07:56 | Deep Dive |
| CVE-2024-33633 | WordPress Piotnet Addons For Elementor Pro plugin <= 7.1.17 - Reflected Cross Site Scripting (XSS) vulnerability | Piotnet | Piotnet Addons For Elementor Pro | High | 7.1 | 2024-04-29 05:06:17 | Deep Dive |
| CVE-2024-33649 | WordPress Opal Widgets For Elementor plugin <= 1.6.9 - Cross Site Scripting (XSS) vulnerability | WpOpal | Opal Widgets For Elementor | Medium | 6.5 | 2024-04-29 04:53:15 | Deep Dive |
| CVE-2024-3309 | Qi Addons For Elementor <= 1.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown widget | qodeinteractive | Qi Addons For Elementor | Medium | 6.4 | 2024-04-27 09:37:56 | Deep Dive |
| CVE-2024-3890 | Happy Addons for Elementor <= 3.10.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Calendly Widget | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2024-04-26 07:28:18 | Deep Dive |
| CVE-2024-3733 | Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.15 - Information Exposure | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | Medium | 5.3 | 2024-04-25 08:29:00 | Deep Dive |
| CVE-2024-3988 | Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) <= 3.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Sina Fancy Text Widget | shaonsina | Sina Extension for Elementor | Medium | 6.4 | 2024-04-25 07:33:59 | Deep Dive |
| CVE-2023-47504📌 | WordPress Elementor plugin <= 3.16.4 - Auth. Arbitrary Attachment Read vulnerability | Elementor | Elementor Website Builder | Medium | 6.5 | 2024-04-24 15:49:49 | Deep Dive |