| CVE-2024-10784 | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.126 - Authenticated (Contributor+) Stored Cross-Site Scripting | unitecms | Unlimited Elements For Elementor | Medium | 6.4 | 2024-12-12 06:46:32 | Deep Dive |
| CVE-2024-10910 | Grid Plus – Unlimited grid layout <= 1.3.5 - Unauthenticated Arbitrary Shortcode Execution via grid_plus_load_by_category | g5theme | Grid Plus – Unlimited grid layout | High | 7.3 | 2024-12-12 04:23:11 | Deep Dive |
| CVE-2024-49267 | WordPress Unlimited Addon For Elementor plugin <=2.0.0 - Cross Site Scripting (XSS) vulnerability | nayon46 | Unlimited Addon For Elementor | Medium | 6.5 | 2024-10-16 14:39:13 | Deep Dive |
| CVE-2024-49271 | WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin <= 1.5.121 - Remote Code Execution (RCE) vulnerability | Unlimited Elements | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) | Critical | 9.1 | 2024-10-16 12:55:41 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-45454 | WordPress Unlimited Elements for Elementor plugin <= 1.5.121 - Reflected Cross Site Scripting (XSS) vulnerability | Unlimited Elements | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) | High | 7.1 | 2024-10-06 11:47:25 | Deep Dive |
| CVE-2024-7317 | Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager <= 3.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via SVG File Upload | premio | Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager | Medium | 6.4 | 2024-08-06 10:59:36 | Deep Dive |
| CVE-2024-6170 | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'email' | unitecms | Unlimited Elements For Elementor | Medium | 6.4 | 2024-07-09 04:32:56 | Deep Dive |
| CVE-2024-6169 | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'username' | unitecms | Unlimited Elements For Elementor | Medium | 6.4 | 2024-07-09 04:32:56 | Deep Dive |
| CVE-2024-6166 | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - Authenticated (Contributor+) Time-Based SQL Injection | unitecms | Unlimited Elements For Elementor | High | 8.8 | 2024-07-09 04:32:54 | Deep Dive |
| CVE-2024-6171 | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - IP Address Spoofing to Antispam Bypass | unitecms | Unlimited Elements For Elementor | Medium | 5.3 | 2024-07-09 04:32:53 | Deep Dive |
| CVE-2024-2023 | Folders <= 3.0 and Folders Pro <= 3.0.2 - Directory Traversal via handle_folders_file_upload | premio | Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager | Medium | 4.3 | 2024-06-14 12:50:56 | Deep Dive |
| CVE-2023-31080 | WordPress Unlimited Elements For Elementor plugin <= 1.5.65 - Multiple Broken Access Control vulnerability | Unlimited Elements | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) | High | 8.3 | 2024-06-09 09:27:47 | Deep Dive |
| CVE-2024-5329 | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.109 - Authenticated (Contributor+) Blind SQL Injection via data[addonID] Parameter | unitecms | Unlimited Elements For Elementor | High | 8.8 | 2024-06-06 09:34:02 | Deep Dive |
| CVE-2024-35674 | WordPress Unlimited Elements For Elementor plugin <= 1.5.109 - Broken Access Control vulnerability | Unlimited Elements | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) | Medium | 4.3 | 2024-06-05 16:19:34 | Deep Dive |
| CVE-2023-33930 | WordPress Unlimited Elements For Elementor plugin <= 1.5.66 - Unrestricted Zip Extraction vulnerability | Unlimited Elements | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) | Critical | 9.1 | 2024-06-04 07:08:04 | Deep Dive |
| CVE-2024-3190 | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.107 - Authenticated (Contributor+) Stored Cross-Site Scripting via Text Field | unitecms | Unlimited Elements For Elementor | Medium | 5.4 | 2024-05-30 03:34:28 | Deep Dive |
| CVE-2023-6743 | Unlimited Elements for Elementor <= 1.5.89 - Authenticated(Contributor+) Remote Code Execution via template import | unitecms | Unlimited Elements For Elementor | High | 8.8 | 2024-05-29 04:30:14 | Deep Dive |
| CVE-2024-4779 | Unlimited Elements for Elementor <= 1.5.107 - Authenticated (Contributor+) SQL Injection via data[post_ids][0] | unitecms | Unlimited Elements For Elementor | High | 8.8 | 2024-05-23 09:32:33 | Deep Dive |
| CVE-2024-3055 | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.102 - Authenticated (Contributor+) SQL Injection | unitecms | Unlimited Elements For Elementor | High | 8.8 | 2024-05-10 21:32:43 | Deep Dive |