| CVE-2024-8668 | ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) <= 2.9.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | devitemsllc | ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin | Medium | 6.4 | 2024-09-25 04:30:28 | Deep Dive |
| CVE-2024-8516 | Themesflat Addons For Elementor <= 2.2.1 - Authenticated (Contributor+) Information Exposure | themesflat | Themesflat Addons For Elementor | Medium | 4.3 | 2024-09-25 03:27:41 | Deep Dive |
| CVE-2024-8515 | Themesflat Addons For Elementor <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | themesflat | Themesflat Addons For Elementor | Medium | 6.4 | 2024-09-25 03:27:39 | Deep Dive |
| CVE-2024-9068 | OneElements – Best Elementor Addons <= 1.3.7 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | themexclub | OneElements – Best Elementor Addons | Medium | 6.4 | 2024-09-25 02:05:11 | Deep Dive |
| CVE-2024-9069 | Graphicsly – The ultimate graphics plugin for WordPress website builder ( Gutenberg, Elementor, Beaver Builder, WPBakery ) <= 1.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | besnikac | Graphicsly – The ultimate graphics plugin for WordPress website builder ( Gutenberg, Elementor, Beaver Builder, WPBakery ) | Medium | 6.4 | 2024-09-25 02:05:07 | Deep Dive |
| CVE-2024-8801 | Happy Addons for Elementor <= 3.12.2 - Authenticated (Contributor+) Sensitive Information Exposure | thehappymonster | Happy Addons for Elementor | Medium | 4.3 | 2024-09-24 11:00:46 | Deep Dive |
| CVE-2024-44001 | WordPress Royal Elementor Addons and Templates plugin <= 1.3.982 - Cross Site Scripting (XSS) vulnerability | WP Royal | Royal Elementor Addons | Medium | 6.5 | 2024-09-17 23:13:11 | Deep Dive |
| CVE-2024-44007 | WordPress SKT Templates – Elementor & Gutenberg templates plugin <= 6.14 - Reflected Cross Site Scripting (XSS) vulnerability | sonalsinha21 | SKT Templates – Elementor & Gutenberg templates | High | 7.1 | 2024-09-17 23:04:41 | Deep Dive |
| CVE-2024-43977 | WordPress The Plus Addons for Elementor plugin <= 5.6.2 - Cross Site Scripting (XSS) vulnerability | POSIMYTH | The Plus Addons for Elementor Page Builder Lite | Medium | 5.9 | 2024-09-17 22:38:59 | Deep Dive |
| CVE-2024-8742 | Essential Addons for Elementor <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery Widget | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | Medium | 6.4 | 2024-09-13 06:47:29 | Deep Dive |
| CVE-2024-5416 | Elementor Website Builder – More than Just a Page Builder <= 3.23.4 - Authenticated (Contributor+) Stored Cross-Site Scripting in the URL Parameter in Multiple Widgets | elemntor | Elementor Website Builder – more than just a page builder | Medium | 5.4 | 2024-09-11 11:32:03 | Deep Dive |
| CVE-2024-8440 | Essential Addons for Elementor -- Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text Widget | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | Medium | 6.4 | 2024-09-11 06:42:25 | Deep Dive |
| CVE-2024-6282 | Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor <= 2.0.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via data-jltma-wrapper-link Element | litonice13 | Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Builder & Template Kits | Medium | 5.4 | 2024-09-10 11:30:31 | Deep Dive |
| CVE-2024-7611 | Enter Addons – Ultimate Template Builder for Elementor <= 2.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Events Card Widget | themelooks | Enter Addons – Ultimate Template Builder for Elementor | Medium | 6.4 | 2024-09-06 13:55:22 | Deep Dive |
| CVE-2024-7122 | Elementor Addon Elements <= 1.13.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets | wpvibes | Addon Elements for Elementor (formerly Elementor Addon Elements) | Medium | 6.4 | 2024-08-30 09:29:48 | Deep Dive |
| CVE-2024-4401 | Elementor Addon Elements <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via id and eae_slider_animation Parameters | wpvibes | Addon Elements for Elementor (formerly Elementor Addon Elements) | Medium | 6.4 | 2024-08-30 03:24:17 | Deep Dive |
| CVE-2024-7418 | The Post Grid <= 7.7.11 - Authenticated (Contributor+) Information Disclosure | techlabpro1 | The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid | Medium | 4.3 | 2024-08-29 03:52:58 | Deep Dive |
| CVE-2024-8030 | Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider <= 2.0.3 - Unauthenticated PHP Object Injection | bdthemes | Ultimate Store Kit – Addon For WooCommerce, EDD and Elementor | Critical | 9.8 | 2024-08-28 02:05:47 | Deep Dive |
| CVE-2024-7791 | 140+ Widgets | Xpro Addons For Elementor – FREE <= 1.4.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Grid Widget | xpro | Xpro Addons — 140+ Widgets for Elementor | Medium | 6.4 | 2024-08-27 10:59:49 | Deep Dive |
| CVE-2024-6804 | Jeg Elementor Kit <= 2.6.7 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File | jegtheme | Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress | Medium | 6.4 | 2024-08-27 06:48:04 | Deep Dive |