| CVE-2024-56254 | WordPress Move Addons for Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability | moveaddons | Move Addons for Elementor | Medium | 6.5 | 2025-01-02 12:01:26 | Deep Dive |
| CVE-2024-56241 | WordPress WPKoi Templates for Elementor plugin <= 3.1.3 - Cross Site Scripting (XSS) vulnerability | wpkoithemes | WPKoi Templates for Elementor | Medium | 6.5 | 2025-01-02 12:01:18 | Deep Dive |
| CVE-2023-47661 | WordPress Dragfy Addons for Elementor plugin <= 1.0.2 - Broken Access Control + CSRF vulnerability | Dragfy | Dragfy Addons for Elementor | Medium | 5.4 | 2025-01-02 12:00:37 | Deep Dive |
| CVE-2024-56062 | WordPress Royal Elementor Addons and Templates plugin <= 1.3.987 - Cross Site Scripting (XSS) vulnerability | WP Royal | Royal Elementor Addons | Medium | 6.5 | 2024-12-31 23:07:40 | Deep Dive |
| CVE-2024-56063 | WordPress Essential Addons for Elementor plugin <= 6.0.7 - Cross Site Scripting (XSS) vulnerability | WPDeveloper | Essential Addons for Elementor | Medium | 6.5 | 2024-12-31 23:06:31 | Deep Dive |
| CVE-2024-56221 | WordPress WPMozo Addons Lite for Elementor plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability | Elicus | WPMozo Addons Lite for Elementor | Medium | 6.5 | 2024-12-31 10:31:42 | Deep Dive |
| CVE-2024-56226 | WordPress Royal Elementor Addons plugin <= 1.7.1001 - Reflected Cross Site Scripting (XSS) vulnerability | WP Royal | Royal Elementor Addons | High | 7.1 | 2024-12-31 10:29:08 | Deep Dive |
| CVE-2024-56227 | WordPress Royal Elementor Addons plugin <= 1.7.1001 - Broken Access Control vulnerability | WP Royal | Royal Elementor Addons | Medium | 4.3 | 2024-12-31 10:24:38 | Deep Dive |
| CVE-2024-56225 | WordPress Premium Addons for Elementor plugin <= 4.10.56 - Broken Access Control vulnerability | Leap13 | Premium Addons for Elementor | Medium | 5.4 | 2024-12-31 10:23:45 | Deep Dive |
| CVE-2024-12272 | WP Travel Engine – Elementor Widgets | Create Travel Booking Website Using WordPress and Elementor <= 1.3.7 - Authenticated (Contributor+) Local File Inclusion | wptravelengine | WP Travel Engine – Elementor Widgets | Create Travel Booking Website Using WordPress and Elementor | High | 8.8 | 2024-12-25 03:21:32 | Deep Dive |
| CVE-2024-11230 | Elementor Header & Footer Builder <= 1.6.46 - Authenticated (Contributor+) Stored Cross-Site Scripting via Page Title Widget | brainstormforce | Ultimate Addons for Elementor | Medium | 6.4 | 2024-12-23 04:23:13 | Deep Dive |
| CVE-2024-11852 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.10.12 - Missing Authorization | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 4.3 | 2024-12-22 01:42:00 | Deep Dive |
| CVE-2024-10453 | Elementor Website Builder – More than Just a Page Builder <= 3.25.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typography Settings | elemntor | Elementor Website Builder – more than just a page builder | Medium | 6.4 | 2024-12-21 09:23:56 | Deep Dive |
| CVE-2024-10797 | Full Screen Menu for Elementor <= 1.0.7 - Authenticated (Contributor+) Post Disclosure | solitweb | Full Screen Menu for Elementor | Medium | 4.3 | 2024-12-21 08:24:00 | Deep Dive |
| CVE-2024-12340 | Animation Addons for Elementor <= 1.1.6 - Authenticated (Contributor+) Sensitive Information Exposure via Content Slider and Tabs Widget Elementor Template | wealcoder | Animation Addons for Elementor – GSAP Motion Elementor Addons & Website Templates | Medium | 4.3 | 2024-12-18 09:22:39 | Deep Dive |
| CVE-2024-12061 | Events Addon for Elementor <= 2.2.3 - Authenticated (Contributor+) Post Disclosure | nicheaddons | Events Addon for Elementor | Medium | 4.3 | 2024-12-18 03:22:07 | Deep Dive |
| CVE-2024-10356 | ElementsReady Addons for Elementor <= 6.4.8 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates | quomodosoft | ElementsReady Addons for Elementor | Medium | 4.3 | 2024-12-17 12:43:38 | Deep Dive |
| CVE-2024-54443 | WordPress Advanced Data Table For Elementor plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability | PluginsCafe | Advanced Data Table For Elementor | Medium | 6.5 | 2024-12-16 14:14:16 | Deep Dive |
| CVE-2024-10690 | Shortcodes for Elementor <= 1.0.4 - Authenticated (Contributor+) Post Disclosure | rstheme2017 | Shortcodes for Elementor | Medium | 4.3 | 2024-12-14 05:34:15 | Deep Dive |
| CVE-2024-54338 | WordPress Hello Event Widgets For Elementor plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability | christer_f | Hello Event Widgets For Elementor | Medium | 6.5 | 2024-12-13 14:25:38 | Deep Dive |