| CVE-2024-2923 | Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) <= 1.1.37 - Authenticated (Contributor+) Stored Cross-Site Scripting via Text Effect Widget | nalam-1 | Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) | Medium | 6.4 | 2024-05-09 20:03:32 | Deep Dive |
| CVE-2024-0900 | Elespare – Build Your Blog, News & Magazine Websites with Expert-Designed Template Kits. One Click Import: No Coding Skills Required! <= 2.1.2 - Missing Authorization to Subscriber+ Arbitrary Post Creation | elespare | EleSpare – News, Magazine and Blog Addons for Elementor | Medium | 4.3 | 2024-04-23 08:32:54 | Deep Dive |
| CVE-2024-1429 | Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) <= 5.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Panel Slider Widget | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-04-18 04:32:59 | Deep Dive |
| CVE-2024-1426 | Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) <= 5.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Price List Widget | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-04-18 04:32:59 | Deep Dive |
| CVE-2024-2966 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.5.6 - Sensitive Information Exposure via element_pack_ajax_search | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 5.3 | 2024-04-11 07:31:36 | Deep Dive |
| CVE-2024-0837 | Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) <= 5.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Custom Gallery' Widget | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-04-06 07:34:56 | Deep Dive |
| CVE-2024-1428 | Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) <= 5.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Trailer Box Widget | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-04-06 07:34:54 | Deep Dive |
| CVE-2024-1237 | Elementor Header & Footer Builder <= 1.6.24 - Authenticated (Contributor+) Stored Cross-Site Scripting | brainstormforce | Ultimate Addons for Elementor | Medium | 6.4 | 2024-03-13 15:27:01 | Deep Dive |
| CVE-2022-4707 | Royal Elementor Addons <= 1.3.59 - Cross-Site Request Forgery to Menu Template creation | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 4.3 | 2023-01-10 16:55:52 | Deep Dive |
| CVE-2022-4701 | Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Plugin Activation | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 4.3 | 2023-01-10 16:55:47 | Deep Dive |
| CVE-2022-4703 | Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Import Deletion | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 4.3 | 2023-01-10 16:55:43 | Deep Dive |
| CVE-2022-4705 | Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Activation | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 4.3 | 2023-01-10 16:55:39 | Deep Dive |
| CVE-2022-4704 | Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Import | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 5.4 | 2023-01-10 16:55:34 | Deep Dive |
| CVE-2022-4710 | Royal Elementor Addons <= 1.3.59 - Reflected Cross-Site Scripting | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 6.1 | 2023-01-10 16:55:30 | Deep Dive |
| CVE-2022-4708 | Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Conditions Modification | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 4.3 | 2023-01-10 16:55:21 | Deep Dive |
| CVE-2022-4711 | Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Menu Settings Update | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 4.3 | 2023-01-10 16:55:15 | Deep Dive |
| CVE-2022-4702 | Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Plugin Deactivation | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 5.4 | 2023-01-10 16:55:10 | Deep Dive |
| CVE-2022-4700 | Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Theme Activation | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 5.4 | 2023-01-10 16:55:05 | Deep Dive |
| CVE-2022-4709 | Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Kit Import | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 4.3 | 2023-01-10 16:55:00 | Deep Dive |
| CVE-2022-4102 | Royal Elementor Addons < 1.3.56 - Subscriber+ Arbitrary Post Deletion | Unknown | Royal Elementor Addons (Elementor Templates, Post Grid, Mega Menu & Header Footer Builder, WooCommerce Builder, Product Grid, Slider, Parallax Image & other Free Elementor Widgets) | 低危 | - | 2023-01-09 22:13:41 | Deep Dive |