| CVE-2024-38730 | WordPress Magical Addons For Elementor plugin <= 1.1.41 - Server Side Request Forgery (SSRF) vulnerability | Noor alam | Magical Addons For Elementor | Medium | 4.9 | 2024-07-22 10:21:34 | Deep Dive |
| CVE-2024-33933 | WordPress Elementor Header & Footer Builder plugin <= 1.6.35 - Contributor+ DOM-Based Cross Site Scripting (XSS) vulnerability | Brainstorm Force, Nikhil Chavan | Elementor – Header, Footer & Blocks Template | Medium | 6.5 | 2024-07-22 10:04:08 | Deep Dive |
| CVE-2024-35656 | WordPress Elementor Pro <= 3.21.2 - Reflected Cross Site Scripting (XSS) vulnerability | Elementor | Elementor Pro | High | 7.1 | 2024-07-22 10:02:01 | Deep Dive |
| CVE-2024-37229 | WordPress Blogmentor – Blog Layouts for Elementor plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability | AuburnForest | Blogmentor – Blog Layouts for Elementor | Medium | 6.5 | 2024-07-22 09:16:05 | Deep Dive |
| CVE-2024-37565 | WordPress Gum Elementor Addon plugin <= 1.3.5 - Cross Site Scripting (XSS) vulnerability | TemeGUM | Gum Elementor Addon | Medium | 5.9 | 2024-07-20 09:02:55 | Deep Dive |
| CVE-2024-37922 | WordPress Premium Addons for Elementor plugin <= 4.10.34 - Cross Site Scripting (XSS) vulnerability | Leap13 | Premium Addons for Elementor | Medium | 6.5 | 2024-07-20 08:57:56 | Deep Dive |
| CVE-2024-37951 | WordPress Magical Posts Display plugin <= 1.2.38 - Cross Site Scripting (XSS) vulnerability | Noor alam | Magical Posts Display – Elementor & Gutenberg Posts Blocks | Medium | 6.5 | 2024-07-20 08:23:32 | Deep Dive |
| CVE-2024-38674 | WordPress SKT Addons for Elementor plugin <= 3.0 - Cross Site Scripting (XSS) vulnerability | SKT Themes | SKT Addons for Elementor | Medium | 6.5 | 2024-07-20 07:54:17 | Deep Dive |
| CVE-2024-38681 | WordPress Magical Addons For Elementor plugin <= 1.1.41 - Cross Site Scripting (XSS) vulnerability | Noor alam | Magical Addons For Elementor | Medium | 6.5 | 2024-07-20 07:45:38 | Deep Dive |
| CVE-2024-38686 | WordPress FancyPost plugin <= 5.3.1 - Cross Site Scripting (XSS) vulnerability | Pluginic | FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor | Medium | 6.5 | 2024-07-20 07:40:06 | Deep Dive |
| CVE-2024-38687 | WordPress Sky Addons for Elementor plugin <= 2.5.5 - Cross Site Scripting (XSS) vulnerability | wowDevs | Sky Addons for Elementor | Medium | 6.5 | 2024-07-20 07:39:06 | Deep Dive |
| CVE-2024-38705 | WordPress ElementInvader Addons for Elementor plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability | ElementInvader | ElementInvader Addons for Elementor | Medium | 6.5 | 2024-07-20 07:30:34 | Deep Dive |
| CVE-2024-38710 | WordPress Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin <= 2.0.6.2 - Cross Site Scripting (XSS) vulnerability | Jewel Theme | Master Addons for Elementor | Medium | 5.9 | 2024-07-20 07:29:40 | Deep Dive |
| CVE-2024-38718 | WordPress Download Button for Elementor plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability | clicklabs® Medienagentur | Download Button for Elementor | Medium | 6.5 | 2024-07-20 07:23:46 | Deep Dive |
| CVE-2024-6455 | ElementsKit Elementor addons <= 3.2.0 - Unauthenticated Information Exposure via ekit_widgetarea_content Function | roxnor | ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor | Medium | 5.3 | 2024-07-18 20:32:38 | Deep Dive |
| CVE-2024-5555 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-07-18 08:33:04 | Deep Dive |
| CVE-2024-5554 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.6.11 - Authenticated (Contributor+) Stored Cross-Site Scripting | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-07-18 08:33:03 | Deep Dive |
| CVE-2024-4780 | Image Hover Effects – Elementor Addon <= 1.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via eihe_link Parameter | blocksera | Image Hover Effects – Elementor Addon | Medium | 6.4 | 2024-07-16 06:43:33 | Deep Dive |
| CVE-2024-6495 | Premium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Animated Text Widget | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Medium | 6.4 | 2024-07-12 12:46:55 | Deep Dive |
| CVE-2024-4866 | UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode) <= 1.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets | codersaiful | UltraAddons for Elementor | Medium | 6.4 | 2024-07-10 02:02:43 | Deep Dive |