| CVE-2024-2619 | Elementor Header & Footer Builder <= 1.6.26 - Authenticated (Author+) HTML Injection | brainstormforce | Ultimate Addons for Elementor | Medium | 5.0 | 2024-05-16 20:31:04 | Deep Dive |
| CVE-2024-4634 | Elementor Header & Footer Builder <= 1.6.28 - Authenticated (Contributor+) Stored Cross-Site Scripting | brainstormforce | Ultimate Addons for Elementor | Medium | 6.4 | 2024-05-16 11:05:30 | Deep Dive |
| CVE-2024-2923 | Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) <= 1.1.37 - Authenticated (Contributor+) Stored Cross-Site Scripting via Text Effect Widget | nalam-1 | Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) | Medium | 6.4 | 2024-05-09 20:03:32 | Deep Dive |
| CVE-2024-0900 | Elespare – Build Your Blog, News & Magazine Websites with Expert-Designed Template Kits. One Click Import: No Coding Skills Required! <= 2.1.2 - Missing Authorization to Subscriber+ Arbitrary Post Creation | elespare | EleSpare – News, Magazine and Blog Addons for Elementor | Medium | 4.3 | 2024-04-23 08:32:54 | Deep Dive |
| CVE-2024-1429 | Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) <= 5.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Panel Slider Widget | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-04-18 04:32:59 | Deep Dive |
| CVE-2024-1426 | Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) <= 5.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Price List Widget | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-04-18 04:32:59 | Deep Dive |
| CVE-2024-2966 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.5.6 - Sensitive Information Exposure via element_pack_ajax_search | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 5.3 | 2024-04-11 07:31:36 | Deep Dive |
| CVE-2024-0837 | Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) <= 5.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Custom Gallery' Widget | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-04-06 07:34:56 | Deep Dive |
| CVE-2024-1428 | Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) <= 5.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Trailer Box Widget | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-04-06 07:34:54 | Deep Dive |
| CVE-2024-1237 | Elementor Header & Footer Builder <= 1.6.24 - Authenticated (Contributor+) Stored Cross-Site Scripting | brainstormforce | Ultimate Addons for Elementor | Medium | 6.4 | 2024-03-13 15:27:01 | Deep Dive |
| CVE-2021-4332 | The Plus Addons for Elementor PRO <= 4.1.9 & The Plus Addons for Elementor <= 2.0.6 - Authenticated (Contributor+) Arbitrary File Read | posimyththemes | The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce | Medium | 6.5 | 2023-03-07 14:16:47 | Deep Dive |
| CVE-2021-4331 | The Plus Addons for Elementor PRO <= 4.1.9 & The Plus Addons for Elementor <= 2.0.6 - Authenticated (Contributor+) Privilege Escalation | posimyththemes | The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce | High | 8.8 | 2023-03-07 14:07:35 | Deep Dive |
| CVE-2022-4707 | Royal Elementor Addons <= 1.3.59 - Cross-Site Request Forgery to Menu Template creation | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 4.3 | 2023-01-10 16:55:52 | Deep Dive |
| CVE-2022-4701 | Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Plugin Activation | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 4.3 | 2023-01-10 16:55:47 | Deep Dive |
| CVE-2022-4703 | Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Import Deletion | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 4.3 | 2023-01-10 16:55:43 | Deep Dive |
| CVE-2022-4705 | Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Activation | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 4.3 | 2023-01-10 16:55:39 | Deep Dive |
| CVE-2022-4704 | Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Import | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 5.4 | 2023-01-10 16:55:34 | Deep Dive |
| CVE-2022-4710 | Royal Elementor Addons <= 1.3.59 - Reflected Cross-Site Scripting | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 6.1 | 2023-01-10 16:55:30 | Deep Dive |
| CVE-2022-4708 | Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Conditions Modification | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 4.3 | 2023-01-10 16:55:21 | Deep Dive |
| CVE-2022-4711 | Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Menu Settings Update | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 4.3 | 2023-01-10 16:55:15 | Deep Dive |