| CVE-2026-4659 | Unlimited Elements For Elementor <= 2.0.6 - Authenticated (Contributor+) Arbitrary File Read via Path Traversal in Repeater JSON/CSV URL with Path Traversal | unitecms | Unlimited Elements For Elementor | High | 7.5 | 2026-04-17 06:44:50 | Deep Dive |
| CVE-2026-2724 | Unlimited Elements For Elementor <= 2.0.5 - Unauthenticated Stored Cross-Site Scripting via Form Entry Fields | unitecms | Unlimited Elements For Elementor | High | 7.2 | 2026-03-10 09:58:58 | Deep Dive |
| CVE-2026-1319 | Robin Image Optimizer <= 2.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via Image Alternative Text Field | themeisle | Robin Image Optimizer – Unlimited Image Optimization & WebP Converter | Medium | 6.4 | 2026-02-05 08:25:43 | Deep Dive |
| CVE-2020-37101 | VPN unlimited 6.1 - Unquoted Service Path | Vpnunlimitedapp | VPN unlimited | High | 7.8 | 2026-02-03 14:49:23 | Deep Dive |
| CVE-2025-14274 | Unlimited Elements for Elementor <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Border Hero Widget | unitecms | Unlimited Elements For Elementor | Medium | 5.4 | 2026-02-03 05:30:14 | Deep Dive |
| CVE-2025-12640 | Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager <= 3.1.5 - Missing Authorization to Authenticated (Author+) Media Replacement | premio | Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager | Medium | 4.3 | 2026-01-08 02:21:17 | Deep Dive |
| CVE-2025-13692 | Unlimited Elements For Elementor and Unlimited Elements For Elementor (Premium) <= 2.0 - Unauthenticated Stored Cross-Site Scripting via SVG File Upload | unitecms | Unlimited Elements for Elementor (Premium) | High | 7.2 | 2025-11-27 13:53:13 | Deep Dive |
| CVE-2025-12971 | Folders <= 3.1.5 - Incorrect Authorization to Authenticated (Contributor+) Folder Content Manipulation | premio | Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager | Medium | 4.3 | 2025-11-27 12:31:01 | Deep Dive |
| CVE-2025-10246 | lokibhardwaj PHP-Code-For-Unlimited-File-Upload f.php cross site scripting | lokibhardwaj | PHP-Code-For-Unlimited-File-Upload | Low | 3.5 | 2025-09-11 05:02:07 | Deep Dive |
| CVE-2025-8603 | Unlimited Elements For Elementor <= 1.5.148 - Authenticated (Contributor+) Stored Cross-Site Scripting | unitecms | Unlimited Elements For Elementor | Medium | 6.4 | 2025-08-28 03:42:44 | Deep Dive |
| CVE-2019-25224 | WP Database Backup < 5.2 - Unauthenticated OS Command Injection | databasebackup | WP Database Backup – Unlimited Database & Files Backup by Backup for WP | Critical | 9.8 | 2025-07-25 02:23:59 | Deep Dive |
| CVE-2025-27008 | WordPress Unlimited Timeline < 1.6.1 - Broken Access Control Vulnerability | NotFound | Unlimited Timeline | - | - | 2025-04-15 21:53:14 | Deep Dive |
| CVE-2025-1663 | Unlimited Elements For Elementor <= 1.5.142 - Authenticated (Contributor+) Stored Cross-Site Scripting | unitecms | Unlimited Elements For Elementor | Medium | 6.4 | 2025-04-03 07:21:23 | Deep Dive |
| CVE-2025-31073 | WordPress Unlimited plugin <= 1.45 - Cross Site Scripting (XSS) Vulnerability | bensibley | Unlimited | Medium | 6.5 | 2025-03-28 09:39:59 | Deep Dive |
| CVE-2024-13155 | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.140 - Authenticated (Contributor+) Stored Cross-Site Scripting via Transparent Split Hero Widget | unitecms | Unlimited Elements For Elementor | Medium | 6.4 | 2025-02-20 07:33:37 | Deep Dive |
| CVE-2025-22688 | WordPress Unlimited Page Sidebars plugin <= 0.2.6 - CSRF to Stored XSS vulnerability | Ederson Peka | Unlimited Page Sidebars | High | 7.1 | 2025-02-03 14:23:52 | Deep Dive |
| CVE-2024-12116 | Unlimited Theme Addon For Elementor and WooCommerce <= 1.2.2 - Authenticated (Contributor+) Post Disclosure | codepopular | Unlimited Theme Addon For Elementor | Medium | 4.3 | 2025-01-11 07:21:52 | Deep Dive |
| CVE-2024-12330 | WP Database Backup – Unlimited Database & Files Backup by Backup for WP <= 7.3 - Unauthenticated Database Back-Up Exposure | databasebackup | WP Database Backup – Unlimited Database & Files Backup by Backup for WP | High | 7.5 | 2025-01-09 11:10:56 | Deep Dive |
| CVE-2024-13153 | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.135 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets | unitecms | Unlimited Elements For Elementor | Medium | 6.4 | 2025-01-09 08:24:24 | Deep Dive |
| CVE-2024-11896 | Text Prompter – Unlimited chatgpt text prompts for openai tasks <= 1.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting | flippercode | Text Prompter – Unlimited chatgpt text prompts for openai tasks | Medium | 6.4 | 2024-12-24 08:22:03 | Deep Dive |