| CVE-2025-58793 | WordPress WPB Elementor Addons plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability | WPBean | WPB Elementor Addons | Medium | 6.5 | 2025-09-05 13:45:03 | Deep Dive |
| CVE-2025-8150 | Events Addon for Elementor <= 2.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typewriter and Countdown Widgets | nicheaddons | Events Addon for Elementor | Medium | 6.4 | 2025-08-29 08:25:54 | Deep Dive |
| CVE-2025-8619 | OSM Map Widget for Elementor <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button URL | garbowza | OSM Map Widget for Elementor | Medium | 6.4 | 2025-08-29 04:25:29 | Deep Dive |
| CVE-2025-53230 | WordPress Page Manager for Elementor Plugin <= 2.0.5 - Broken Access Control Vulnerability | honzat | Page Manager for Elementor | High | 7.6 | 2025-08-28 12:37:22 | Deep Dive |
| CVE-2025-49387 | WordPress Drag and Drop File Upload for Elementor Forms Plugin <= 1.5.3 - Arbitrary File Upload Vulnerability | add-ons.org | Drag and Drop File Upload for Elementor Forms | Critical | 10.0 | 2025-08-28 12:37:13 | Deep Dive |
| CVE-2025-48354 | WordPress Better Post & Filter Widgets for Elementor plugin <= 1.6.1 - Cross Site Scripting (XSS) vulnerability | WP Smart Widgets | Better Post & Filter Widgets for Elementor | Medium | 6.5 | 2025-08-28 12:37:06 | Deep Dive |
| CVE-2025-8603 | Unlimited Elements For Elementor <= 1.5.148 - Authenticated (Contributor+) Stored Cross-Site Scripting | unitecms | Unlimited Elements For Elementor | Medium | 6.4 | 2025-08-28 03:42:44 | Deep Dive |
| CVE-2025-58208 | WordPress PDF for Elementor Forms + Drag And Drop Template Builder Plugin <= 6.2.0 - Cross Site Scripting (XSS) Vulnerability | add-ons.org | PDF for Elementor Forms + Drag And Drop Template Builder | Medium | 6.5 | 2025-08-27 17:45:47 | Deep Dive |
| CVE-2025-58205 | WordPress ElementInvader Addons for Elementor Plugin <= 1.3.6 - Cross Site Scripting (XSS) Vulnerability | Element Invader | ElementInvader Addons for Elementor | Medium | 6.5 | 2025-08-27 17:45:46 | Deep Dive |
| CVE-2025-58195 | WordPress Xpro Elementor Addons Plugin <= 1.4.17 - Cross Site Scripting (XSS) Vulnerability | Xpro | Xpro Elementor Addons | Medium | 6.5 | 2025-08-27 17:45:41 | Deep Dive |
| CVE-2025-8208 | Spexo Addons for Elementor <= 1.0.23 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget | templatescoderthemes | Spexo Addons for Elementor – Elementor Widgets, Mega Menu, Popup Builder, Template Kits and Starter Templates for Elementor | Medium | 6.4 | 2025-08-24 05:27:09 | Deep Dive |
| CVE-2025-53983 | WordPress JetElements For Elementor <= 2.7.7 - Sensitive Data Exposure Vulnerability | Crocoblock | JetElements For Elementor | 中危 | - | 2025-08-20 08:03:09 | Deep Dive |
| CVE-2025-53988 | WordPress JetBlocks For Elementor <= 1.3.18 - Sensitive Data Exposure Vulnerability | Crocoblock | JetBlocks For Elementor | 中危 | - | 2025-08-20 08:03:08 | Deep Dive |
| CVE-2025-7499 | BetterDocs <= 4.1.1 - Missing Authorization to Private And Password-Protected Posts Information Disclosure | wpdevteam | BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor | Medium | 5.3 | 2025-08-16 07:25:29 | Deep Dive |
| CVE-2025-7439 | Anber Elementor Addon <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Banner button link | yeashir | Anber Elementor Addon | Medium | 6.4 | 2025-08-16 03:38:52 | Deep Dive |
| CVE-2025-7440 | Anber Elementor Addon <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Carousel button link | yeashir | Anber Elementor Addon | Medium | 6.4 | 2025-08-16 03:38:50 | Deep Dive |
| CVE-2025-8451 | Essential Addons for Elementor – Popular Elementor Templates and Widgets <= 6.2.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'data-gallery-items' | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | Medium | 6.4 | 2025-08-15 06:40:42 | Deep Dive |
| CVE-2025-8867 | Graphina - Elementor Charts and Graphs <= 3.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | iqonicdesign | Graphina – Charts and Graphs For Elementor | Medium | 6.4 | 2025-08-15 02:24:24 | Deep Dive |
| CVE-2025-54712 | WordPress Easy Elementor Addons Plugin <= 2.2.7 - Broken Access Control Vulnerability | hashthemes | Easy Elementor Addons | Medium | 4.3 | 2025-08-14 18:21:47 | Deep Dive |
| CVE-2025-55712 | WordPress The Plus Addons for Elementor Page Builder Lite Plugin <= 6.3.13 - Broken Access Control Vulnerability | POSIMYTH | The Plus Addons for Elementor Page Builder Lite | Medium | 6.5 | 2025-08-14 18:21:26 | Deep Dive |