| CVE-2023-50884 | WordPress LA-Studio Element Kit for Elementor plugin <= 1.1.5 - Broken Access Control vulnerability | LA-Studio | LA-Studio Element Kit for Elementor | 中危 | - | 2024-12-09 11:29:56 | Deep Dive |
| CVE-2024-11367 | Smoove connector for Elementor forms <= 4.1.0 - Reflected Cross-Site Scripting | matansmoove | Smoove connector for Elementor forms | Medium | 6.1 | 2024-12-07 09:27:05 | Deep Dive |
| CVE-2024-53796 | WordPress Themesflat Addons For Elementor plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability | Themesflat | themesflat-addons-for-elementor | Medium | 6.5 | 2024-12-06 13:07:35 | Deep Dive |
| CVE-2024-53823 | WordPress The Plus Addons for Elementor plugin <= 5.6.14 - Cross Site Scripting (XSS) vulnerability | POSIMYTH | The Plus Addons for Elementor Page Builder Lite | Medium | 6.5 | 2024-12-06 13:07:31 | Deep Dive |
| CVE-2024-54210 | WordPress Advanced Element Bucket Addons for Elementor plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability | codexshaper | Advanced Element Bucket Addons for Elementor | Medium | 6.5 | 2024-12-06 13:07:28 | Deep Dive |
| CVE-2024-54212 | WordPress Magical Addons For Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability | Noor Alam | Magical Addons For Elementor | Medium | 6.5 | 2024-12-06 13:07:27 | Deep Dive |
| CVE-2024-10689 | XLTab – Accordions and Tabs for Elementor Page Builder <= 1.4 - Authenticated (Contributor+) Post Disclosure | webangon | XLTab – Accordions and Tabs for Elementor Page Builder | Medium | 4.3 | 2024-12-06 08:24:59 | Deep Dive |
| CVE-2024-10692 | PowerPack Elementor Addons (Free Widgets, Extensions and Templates) <= 2.8.1 - Authenticated (Contributor+) Post Disclosure | ideaboxcreations | PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) | Medium | 4.3 | 2024-12-06 08:24:58 | Deep Dive |
| CVE-2024-12110 | Gold Addons for Elementor <= 1.3.2 - Missing Authorization to Authenticated (Subscriber+) License Activation/Deactivation | jerryscg | Gold Addons for Elementor | Medium | 4.3 | 2024-12-06 08:24:55 | Deep Dive |
| CVE-2024-10777 | AnyWhere Elementor <= 1.2.11 - Authenticated (Contributor+) Post Disclosure | wpvibes | Dynific Addons for Elementor (formerly AnyWhere Elementor) | Medium | 4.3 | 2024-12-05 09:23:07 | Deep Dive |
| CVE-2024-8962 | WPBITS Addons For Elementor Page Builder <= 1.5.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | wpbits | WPBITS Addons For Elementor Page Builder | Medium | 6.4 | 2024-12-04 11:08:27 | Deep Dive |
| CVE-2024-10787 | LA-Studio Element Kit for Elementor <= 1.4.4 - Authenticated (Contributor+) Post Disclosure | choijun | LA-Studio Element Kit for Elementor | Medium | 4.3 | 2024-12-04 08:22:46 | Deep Dive |
| CVE-2024-10663 | Eleblog – Elementor Blog And Magazine Addons <= 1.8 - Missing Authorization to Authenticated (Subscriber+) Deactivation Submission | smarettheme | Eleblog – Elementor Blog And Magazine Addons | Medium | 4.3 | 2024-12-04 02:40:28 | Deep Dive |
| CVE-2024-12062 | Charity Addon for Elementor <= 1.3.3 - Authenticated (Contributor+) Post Disclosure | nicheaddons | Charity Addon for Elementor | Medium | 4.3 | 2024-12-03 09:32:01 | Deep Dive |
| CVE-2024-9058 | Element Pack Elementor Addons <= 5.10.5 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Lightbox Widget | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-12-03 06:50:54 | Deep Dive |
| CVE-2024-9694 | CMSMasters Elementor Addon <= 1.14.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets | CMSMasters | CMSMasters Elementor Addon | Medium | 6.4 | 2024-12-03 02:05:36 | Deep Dive |
| CVE-2024-52486 | WordPress Elementor Portfolio Builder plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability | SolverWp | Elementor Portfolio Builder | Medium | 6.5 | 2024-12-02 13:48:56 | Deep Dive |
| CVE-2024-53743 | WordPress Countdown Timer for Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability | Aezaz Shaikh | Countdown Timer for Elementor | Medium | 6.5 | 2024-12-01 21:29:44 | Deep Dive |
| CVE-2024-53744 | WordPress Elementor Image Gallery plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability | SkyBootstrap | Elementor Image Gallery Plugin | Medium | 6.5 | 2024-12-01 21:29:00 | Deep Dive |
| CVE-2024-53746 | WordPress Elementor Button Plus plugin <= 1.3.9 - Cross Site Scripting (XSS) vulnerability | FlickDevs | Elementor Button Plus | Medium | 6.5 | 2024-12-01 21:24:44 | Deep Dive |