| CVE-2024-6804 | Jeg Elementor Kit <= 2.6.7 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File | jegtheme | Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress | Medium | 6.4 | 2024-08-27 06:48:04 | Deep Dive |
| CVE-2024-2254 | RT Easy Builder – Advanced addons for Elementor <= 2.3 - Authenticated (Contributor+) Stored Cross-site Scripting | risetheme | RT Easy Builder – Advanced addons for Elementor | Medium | 6.4 | 2024-08-24 02:32:20 | Deep Dive |
| CVE-2024-5502 | Piotnet Addons For Elementor <= 2.4.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets | piotnetdotcom | Piotnet Addons For Elementor | Medium | 6.4 | 2024-08-23 08:29:41 | Deep Dive |
| CVE-2024-5583 | The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonials Widget Settings | posimyththemes | The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce | Medium | 6.4 | 2024-08-22 02:02:04 | Deep Dive |
| CVE-2024-5335 | Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider <= 1.6.4 - Unauthenticated PHP Object Injection | bdthemes | Ultimate Store Kit – Addon For WooCommerce, EDD and Elementor | Critical | 9.8 | 2024-08-21 08:29:15 | Deep Dive |
| CVE-2024-5576 | Tutor LMS Elementor Addons <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Course Carousel Widget | themeum | Tutor LMS Elementor Addons | Medium | 6.4 | 2024-08-20 05:30:03 | Deep Dive |
| CVE-2024-5763 | The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Widget | posimyththemes | The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce | Medium | 6.4 | 2024-08-20 03:21:10 | Deep Dive |
| CVE-2024-6575 | The Plus Addons for Elementor <= 5.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via TP Page Scroll Widget | posimyththemes | The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce | Medium | 6.4 | 2024-08-20 03:21:10 | Deep Dive |
| CVE-2024-43281 | WordPress Void Elementor Post Grid Addon for Elementor Page builder plugin <= 2.3 - Local File Inclusion vulnerability | VOID CODERS | Void Elementor Post Grid Addon for Elementor Page builder | Medium | 5.3 | 2024-08-19 17:47:19 | Deep Dive |
| CVE-2024-43271 | WordPress Widgets for WooCommerce Products on Elementor plugin <= 2.0.0 - Local File Inclusion vulnerability | Themelocation | Woo Products Widgets For Elementor | High | 8.5 | 2024-08-19 17:41:38 | Deep Dive |
| CVE-2024-43267 | WordPress Mega Addons For Elementor plugin <= 1.9 - Cross Site Scripting (XSS) vulnerability | Qamar Sheeraz, Nasir Ahmad, GenialSouls | Mega Addons For Elementor | Medium | 6.5 | 2024-08-18 21:19:59 | Deep Dive |
| CVE-2024-43291 | WordPress Void Contact Form 7 Widget For Elementor Page Builder plugin <= 2.4.1 - Cross Site Scripting (XSS) vulnerability | voidCoders | Void Contact Form 7 Widget For Elementor Page Builder | Medium | 5.9 | 2024-08-18 21:13:32 | Deep Dive |
| CVE-2024-43292 | WordPress Envo's Elementor Templates & Widgets for WooCommerce plugin <= 1.4.16 - Cross Site Scripting (XSS) vulnerability | EnvoThemes | Envo's Elementor Templates & Widgets for WooCommerce | Medium | 5.9 | 2024-08-18 21:12:15 | Deep Dive |
| CVE-2024-43324 | WordPress Clever Addons for Elementor plugin <= 2.2.0 - Cross Site Scripting (XSS) vulnerability | CleverSoft | Clever Addons for Elementor | Medium | 5.9 | 2024-08-18 13:44:49 | Deep Dive |
| CVE-2024-43342 | WordPress Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability | BdThemes | Ultimate Store Kit Elementor Addons | Medium | 6.5 | 2024-08-18 13:22:30 | Deep Dive |
| CVE-2023-0714 | Metform Elementor Contact Form Builder <= 3.2.4 - Unauthenticated Double-Extension Arbitrary File Upload | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | High | 8.1 | 2024-08-17 09:38:58 | Deep Dive |
| CVE-2024-6459 | News Element Elementor Blog Magazine < 1.0.6 - Unauthenticated LFI | Unknown | News Element Elementor Blog Magazine | - | - | 2024-08-17 06:00:03 | Deep Dive |
| CVE-2024-7146 | JetTabs <= 2.2.3 - Authenticated (Contributor+) Arbitrary Local File Inclusion | Crocoblock | JetTabs | High | 8.8 | 2024-08-16 10:59:56 | Deep Dive |
| CVE-2024-7147 | JetBlocks <= 1.3.12 - Authenticated (Contributor+) Stored Cross-Site Scripting | Crocoblock | JetBlocks for Elementor | Medium | 6.4 | 2024-08-16 10:59:54 | Deep Dive |
| CVE-2024-43140 | WordPress Ultimate Bootstrap Elements for Elementor plugin <= 1.4.4 - Local File Inclusion vulnerability | G5Theme | Ultimate Bootstrap Elements for Elementor | High | 7.5 | 2024-08-13 11:36:56 | Deep Dive |