| CVE-2023-31090 | WordPress Unlimited Elements For Elementor plugin <= 1.5.60 - Unrestricted Zip Extraction vulnerability | Unlimited Elements | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) | Critical | 9.9 | 2024-04-24 15:45:55 | Deep Dive |
| CVE-2024-32773 | WordPress Royal Elementor Kit theme <= 1.0.116 - Cross Site Request Forgery (CSRF) vulnerability | WP Royal | Royal Elementor Kit | Medium | 4.3 | 2024-04-24 14:58:17 | Deep Dive |
| CVE-2024-32785 | WordPress The Pack Elementor addons plugin <= 2.0.8.3 - Cross Site Request Forgery (CSRF) to XSS vulnerability | Webangon | The Pack Elementor addons | High | 7.1 | 2024-04-24 10:22:25 | Deep Dive |
| CVE-2024-32721 | WordPress Jeg Elementor Kit plugin <= 2.6.3 - Cross Site Scripting (XSS) vulnerability | Jegtheme | Jeg Elementor Kit | Medium | 6.5 | 2024-04-24 10:09:51 | Deep Dive |
| CVE-2024-32791 | WordPress Premium Addons for Elementor plugin <= 4.10.25 - Cross Site Scripting (XSS) vulnerability | Leap13 | Premium Addons for Elementor | Medium | 6.5 | 2024-04-24 08:45:30 | Deep Dive |
| CVE-2024-32718 | WordPress The Pack Elementor addons plugin <= 2.0.8.2 - Server Side Request Forgery (SSRF) vulnerability | Webangon | The Pack Elementor addons | Medium | 4.9 | 2024-04-24 07:19:58 | Deep Dive |
| CVE-2024-0900 | Elespare – Build Your Blog, News & Magazine Websites with Expert-Designed Template Kits. One Click Import: No Coding Skills Required! <= 2.1.2 - Missing Authorization to Subscriber+ Arbitrary Post Creation | elespare | EleSpare – News, Magazine and Blog Addons for Elementor | Medium | 4.3 | 2024-04-23 08:32:54 | Deep Dive |
| CVE-2024-2798 | Royal Elementor Addons and Templates <= 1.3.971 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 6.4 | 2024-04-23 05:33:33 | Deep Dive |
| CVE-2024-3889 | Royal Elementor Addons and Templates <= 1.3.971 - Authenticated (Contributor+) Stored Cross-Site Scripting via Advanced Accordion Title Tags | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 6.4 | 2024-04-23 05:33:33 | Deep Dive |
| CVE-2024-2799 | Royal Elementor Addons and Templates <= 1.3.971 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML Tags | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 6.4 | 2024-04-23 05:33:32 | Deep Dive |
| CVE-2024-3645 | Essential Addons for Elementor Pro <= 5.8.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title_html_tag' | Essential Addons | Essential Addons for Elementor Pro | Medium | 6.4 | 2024-04-22 13:51:47 | Deep Dive |
| CVE-2024-32681 | WordPress Prime Slider plugin <= 3.13.2 - Broken Access Control vulnerability | BdThemes | Prime Slider – Addons For Elementor | Medium | 4.3 | 2024-04-22 10:41:28 | Deep Dive |
| CVE-2024-32682 | WordPress Prime Slider plugin <= 3.13.2 - Broken Access Control vulnerability | BdThemes | Prime Slider – Addons For Elementor | High | 7.1 | 2024-04-22 10:40:11 | Deep Dive |
| CVE-2024-32698 | WordPress Happy Addons for Elementor plugin <= 3.10.4 - Cross Site Scripting (XSS) vulnerability | HappyMonster | Happy Addons for Elementor | Medium | 6.5 | 2024-04-22 07:56:33 | Deep Dive |
| CVE-2024-1730 | Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Media Slider, Drag Drop Slider, Video Slider, Product Slider, Ecommerce Slider) <= 3.14.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | bdthemes | Prime Slider – Addons for Elementor | Medium | 5.4 | 2024-04-20 03:21:18 | Deep Dive |
| CVE-2024-1057 | ShopLentor – WooCommerce Builder for Elementor & Gutenberg +10 Modules – All in One Solution (formerly WooLentor) <= 2.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | devitemsllc | ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin | Medium | 6.4 | 2024-04-20 01:56:38 | Deep Dive |
| CVE-2024-32572 | WordPress Element Pack Elementor Addons plugin <= 5.6.0 - Cross Site Scripting (XSS) vulnerability | BdThemes | Element Pack Elementor Addons | Medium | 6.5 | 2024-04-18 09:39:44 | Deep Dive |
| CVE-2024-32592 | WordPress Void Elementor WHMCS Elements For Elementor Page Builder plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability | VoidCoders, innovs | Void Elementor WHMCS Elements For Elementor Page Builder | Medium | 6.5 | 2024-04-18 08:37:47 | Deep Dive |
| CVE-2024-32593 | WordPress WPBITS Addons For Elementor Page Builder plugin <= 1.3.4.2 - Cross Site Scripting (XSS) vulnerability | WPBits | WPBITS Addons For Elementor Page Builder | Medium | 6.5 | 2024-04-18 08:36:12 | Deep Dive |
| CVE-2024-1426 | Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) <= 5.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Price List Widget | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-04-18 04:32:59 | Deep Dive |