| CVE-2024-9444 | ElementsReady Addons for Elementor <= 6.4.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | quomodosoft | ElementsReady Addons for Elementor | Medium | 6.4 | 2024-10-16 09:32:20 | Deep Dive |
| CVE-2024-9540 | Sina Extension for Elementor <= 3.5.7 - Authenticated (Contributor+) Sensitive Information Exposure via Sina Modal Box Widget Elementor Template | shaonsina | Sina Extension for Elementor | Medium | 4.3 | 2024-10-16 07:31:52 | Deep Dive |
| CVE-2021-4445 | Premium Addons for Elementor <= 4.5.1 - Authenticated (Subscriber+) Limited Arbitrary Option Update | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Medium | 6.5 | 2024-10-16 06:43:43 | Deep Dive |
| CVE-2021-4447 | Essential Addons for Elementor <= 4.6.4 - Authenticated (Contributor+) Privilege Escalation | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | High | 8.8 | 2024-10-16 06:43:42 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2021-4446 | Essential Addons for Elementor <= 4.6.4 - Missing Authorization | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | Medium | 6.3 | 2024-10-16 06:43:26 | Deep Dive |
| CVE-2024-9888 | ElementInvader Addons for Elementor <= 1.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting | elementinvader | ElementInvader Addons for Elementor | Medium | 5.4 | 2024-10-16 05:31:57 | Deep Dive |
| CVE-2024-6757 | Elementor <= 3.23.5 - Authenticated (Contributor+) Basic Information Exposure via get_image_alt Function | elemntor | Elementor Website Builder – more than just a page builder | Medium | 4.3 | 2024-10-15 02:03:52 | Deep Dive |
| CVE-2024-8902 | Elementor Addon Elements <= 1.13.8 - Authenticated (Contributor+) Sensitive Information Exposure via table_saved_sections | wpvibes | Addon Elements for Elementor (formerly Elementor Addon Elements) | Medium | 4.3 | 2024-10-12 09:39:17 | Deep Dive |
| CVE-2024-47353 | WordPress ElementsReady Addons for Elementor plugin <= 6.4.2 - Open Redirection vulnerability | quomodosoft | ElementsReady Addons for Elementor | Medium | 4.7 | 2024-10-11 18:12:10 | Deep Dive |
| CVE-2024-9538 | ShopLentor <= 2.9.8 - Authenticated (Contributor+) Sensitive Information Exposure via WL: FAQ Widget Elementor Template | devitemsllc | ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin | Medium | 4.3 | 2024-10-11 11:01:55 | Deep Dive |
| CVE-2024-8913 | The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.11 - Authenticated (Contributor+) Sensitive Information Exposure via content_template | posimyththemes | The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce | Medium | 4.3 | 2024-10-11 08:30:46 | Deep Dive |
| CVE-2024-9064 | Elementor Inline SVG <= 1.2.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | namogo | Elementor Inline SVG | Medium | 6.4 | 2024-10-10 02:06:08 | Deep Dive |
| CVE-2024-8482 | Royal Elementor Addons and Templates <= 1.3.986 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Member Widget | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 6.4 | 2024-10-08 11:34:18 | Deep Dive |
| CVE-2024-44024 | WordPress Medical Addon for Elementor plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability | nicheaddons | Medical Addon for Elementor | Medium | 6.5 | 2024-10-06 12:45:26 | Deep Dive |
| CVE-2024-44026 | WordPress Charity Addon for Elementor plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability | nicheaddons | Charity Addon for Elementor | Medium | 6.5 | 2024-10-06 12:42:50 | Deep Dive |
| CVE-2024-44027 | WordPress Gum Elementor Addon plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability | Atawai | Gum Elementor Addon | Medium | 6.5 | 2024-10-06 12:41:26 | Deep Dive |
| CVE-2024-44032 | WordPress Restaurant & Cafe Addon for Elementor plugin <= 1.5.5 - Cross Site Scripting (XSS) vulnerability | nicheaddons | Restaurant & Cafe Addon for Elementor | Medium | 6.5 | 2024-10-06 12:27:14 | Deep Dive |
| CVE-2024-44033 | WordPress Primary Addon for Elementor plugin <= 1.5.7 - Cross Site Scripting (XSS) vulnerability | nicheaddons | Primary Addon for Elementor | Medium | 6.5 | 2024-10-06 12:19:09 | Deep Dive |
| CVE-2024-44035 | WordPress Gum Elementor Addon plugin <= 1.3.7 - Cross Site Scripting (XSS) vulnerability | Atawai | Gum Elementor Addon | Medium | 6.5 | 2024-10-06 12:17:47 | Deep Dive |