| CVE-2024-2252 | Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder <= 3.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting | droitthemes | Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder | Medium | 5.4 | 2024-03-13 15:27:23 | Deep Dive |
| CVE-2024-2286 | Sky Addons for Elementor <= 2.4.0 - Authenticated(Contributor+) Stored Cross-site scripting via Wrapper Link URL | wowdevs | Sky Addons – Elementor Addons with Widgets & Templates | Medium | 6.4 | 2024-03-13 15:27:18 | Deep Dive |
| CVE-2024-2028 | Exclusive Addons for Elementor <= 2.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Covid-19 Stats Widget | timstrifler | Exclusive Addons for Elementor | Medium | 6.4 | 2024-03-13 15:27:17 | Deep Dive |
| CVE-2024-2030 | Database for Contact Form 7, WPforms, Elementor forms <= 1.3.3 - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode | crmperks | Database for Contact Form 7, WPforms, Elementor forms | Medium | 6.4 | 2024-03-13 15:27:14 | Deep Dive |
| CVE-2024-1393 | Elementor Addon Elements <= 1.12.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Content Switcher Widget | wpvibes | Addon Elements for Elementor (formerly Elementor Addon Elements) | Medium | 6.4 | 2024-03-13 15:27:12 | Deep Dive |
| CVE-2024-1391 | Elementor Addon Elements <= 1.12.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Thumbnail Slider Widget | wpvibes | Addon Elements for Elementor (formerly Elementor Addon Elements) | Medium | 6.4 | 2024-03-13 15:27:07 | Deep Dive |
| CVE-2024-2006 | Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget <= 1.6.7 - Authenticated (Contributor+) PHP Object Injection in outpost_shortcode_metabox_markup | wpwax | Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget | High | 8.8 | 2024-03-13 15:27:04 | Deep Dive |
| CVE-2024-1237 | Elementor Header & Footer Builder <= 1.6.24 - Authenticated (Contributor+) Stored Cross-Site Scripting | brainstormforce | Ultimate Addons for Elementor | Medium | 6.4 | 2024-03-13 15:27:01 | Deep Dive |
| CVE-2024-1537 | Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Data Table | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | Medium | 6.4 | 2024-03-13 15:27:00 | Deep Dive |
| CVE-2024-1680 | Premium Addons for Elementor <= 4.10.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via Banner, Team Members, and Image Scroll Widgets | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Medium | 6.4 | 2024-03-13 15:26:56 | Deep Dive |
| CVE-2024-1414 | Exclusive Addons for Elementor <= 2.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Call To Action Widget | timstrifler | Exclusive Addons for Elementor | Medium | 6.4 | 2024-03-13 15:26:55 | Deep Dive |
| CVE-2024-1422 | Elementor Addon Elements <= 1.12.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via Modal Popup effet | wpvibes | Addon Elements for Elementor (formerly Elementor Addon Elements) | Medium | 6.4 | 2024-03-13 15:26:48 | Deep Dive |
| CVE-2024-1392 | Elementor Addon Elements <= 1.12.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Dual Button Widget | wpvibes | Addon Elements for Elementor (formerly Elementor Addon Elements) | Medium | 6.4 | 2024-03-13 15:26:42 | Deep Dive |
| CVE-2024-1585 | Metform Elementor Contact Form Builder <= 3.8.3 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | Medium | 6.4 | 2024-03-13 15:26:42 | Deep Dive |
| CVE-2024-0326 | Premium Addons for Elementor <= 4.10.17 - Authenticated(Contributor+) Stored Cross-Site Scripting via Link Wrapper | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Medium | 6.4 | 2024-03-13 15:26:38 | Deep Dive |
| CVE-2024-1358 | Elementor Addon Elements <= 1.12.12 - Directory Traversal to Local File Inclusion | wpvibes | Addon Elements for Elementor (formerly Elementor Addon Elements) | High | 8.8 | 2024-03-13 15:26:37 | Deep Dive |
| CVE-2024-1234💣 | Exclusive Addons for Elementor <= 2.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting EPSS 0.11 | timstrifler | Exclusive Addons for Elementor | Medium | 6.4 | 2024-03-13 15:26:35 | Deep Dive |
| CVE-2024-1536 | Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Event Calendar | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | High | 7.4 | 2024-03-13 15:26:34 | Deep Dive |
| CVE-2024-1507 | Prime Slider – Addons For Elementor <= 3.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Rubix Widget | bdthemes | Prime Slider – Addons for Elementor | Medium | 6.4 | 2024-03-13 13:52:12 | Deep Dive |
| CVE-2024-1508 | Prime Slider – Addons For Elementor <= 3.13.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Mercury Widget | bdthemes | Prime Slider – Addons for Elementor | Medium | 6.4 | 2024-03-13 13:52:12 | Deep Dive |