| CVE-2025-69004 | WordPress Bajaar - Highly Customizable WooCommerce WordPress Theme theme <= 2.1.0 - Local File Inclusion vulnerability | XpeedStudio | Bajaar - Highly Customizable WooCommerce WordPress Theme | - | - | 2026-01-22 16:52:17 | Deep Dive |
| CVE-2025-5684 | MetForm <= 4.0.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via `mf-template` DOM Element | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | Medium | 6.4 | 2025-07-29 19:42:34 | Deep Dive |
| CVE-2025-3614 | ElementsKit Elementor Addons and Templates <= 3.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Widget | roxnor | ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor | Medium | 6.4 | 2025-07-24 22:23:37 | Deep Dive |
| CVE-2025-4479 | ElementsKit Lite <= 3.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison Widget | roxnor | ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor | Medium | 6.4 | 2025-06-19 03:40:14 | Deep Dive |
| CVE-2024-11180 | ElementsKit Elementor addons <= 3.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting | roxnor | ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor | Medium | 6.4 | 2025-03-29 07:23:45 | Deep Dive |
| CVE-2025-1506 | Wp Social Login and Register Social Counter <= 3.1.0 - Cross-Site Request Forgery to Settings Update | roxnor | Wp Social Login and Register Social Counter | Medium | 4.3 | 2025-02-28 05:23:16 | Deep Dive |
| CVE-2025-0968 | ElementsKit Elementor addons <= 3.4.0 - Unauthenticated Information Exposure via get_megamenu_content Function | roxnor | ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor | Medium | 5.3 | 2025-02-19 11:10:39 | Deep Dive |
| CVE-2025-1005 | ElementsKit Elementor addons <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion Widget | roxnor | ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor | Medium | 6.4 | 2025-02-15 09:24:22 | Deep Dive |
| CVE-2024-9501 | Wp Social Login and Register Social Counter <= 3.0.7 - Authentication Bypass via WordPress.com OAuth provider | roxnor | Wp Social Login and Register Social Counter | Critical | 9.8 | 2024-10-26 12:32:48 | Deep Dive |
| CVE-2024-10091 | ElementsKit Elementor addons <= 3.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison Widget | roxnor | ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor | Medium | 6.4 | 2024-10-26 02:31:31 | Deep Dive |
| CVE-2024-8546 | ElementsKit Elementor addons <= 3.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Widget | roxnor | ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor | Medium | 6.4 | 2024-09-25 12:44:13 | Deep Dive |
| CVE-2023-0714 | Metform Elementor Contact Form Builder <= 3.2.4 - Unauthenticated Double-Extension Arbitrary File Upload | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | High | 8.1 | 2024-08-17 09:38:58 | Deep Dive |
| CVE-2024-6698 | FundEngine – Donation and Crowdfunding Platform <= 1.7.0 - Authenticated (Subscriber+) Privilege Escalation | roxnor | FundEngine – Donation and Crowdfunding Platform | High | 8.8 | 2024-08-01 03:29:59 | Deep Dive |
| CVE-2024-6455 | ElementsKit Elementor addons <= 3.2.0 - Unauthenticated Information Exposure via ekit_widgetarea_content Function | roxnor | ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor | Medium | 5.3 | 2024-07-18 20:32:38 | Deep Dive |
| CVE-2024-4266 | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor <= 3.8.8 - Unauthenticated Sensitive Information Exposure | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | Medium | 5.3 | 2024-06-11 07:32:26 | Deep Dive |
| CVE-2024-3650 | WordPress plugin ElementsKit Elementor addons 安全漏洞 | xpeedstudio | ElementsKit Elementor addons and Templates Library | Medium | 6.4 | 2024-05-02 16:52:26 | Deep Dive |
| CVE-2024-3499 | ElementsKit Elementor addons <= 3.1.0 - Authenticated (Contributor+) Local File Inclusion via Onepage Scroll Module | roxnor | ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor | High | 8.8 | 2024-05-02 16:52:10 | Deep Dive |
| CVE-2024-2803 | ElementsKit Elementor addons <= 3.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget | roxnor | ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor | Medium | 6.4 | 2024-04-04 01:56:58 | Deep Dive |
| CVE-2024-2791 | Metform Elementor Contact Form Builder <= 3.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widgets | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | Medium | 6.4 | 2024-04-02 05:32:49 | Deep Dive |
| CVE-2024-1238 | ElementsKit Elementor addons <= 3.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting | roxnor | ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor | Medium | 6.4 | 2024-03-30 04:31:10 | Deep Dive |