| CVE-2024-5153 | Startklar Elementor Addons <= 1.7.15 - Unauthenticated Path Traversal to Arbitrary Directory Deletion | wshberlin | Startklar Elementor Addons | Critical | 9.1 | 2024-06-06 03:53:10 | Deep Dive |
| CVE-2024-4458 | Themesflat Addons For Elementor <= 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via URLs | themesflat | Themesflat Addons For Elementor | Medium | 6.4 | 2024-06-06 03:32:56 | Deep Dive |
| CVE-2024-4212 | Themesflat Addons For Elementor <= 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting in Multiple Widgets | themesflat | Themesflat Addons For Elementor | Medium | 6.4 | 2024-06-06 03:32:55 | Deep Dive |
| CVE-2024-4459 | Themesflat Addons For Elementor <= 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget Titles | themesflat | Themesflat Addons For Elementor | Medium | 6.4 | 2024-06-06 03:32:54 | Deep Dive |
| CVE-2024-2922 | Themesflat Addons For Elementor <= 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget Tags | themesflat | Themesflat Addons For Elementor | Medium | 6.4 | 2024-06-06 03:32:51 | Deep Dive |
| CVE-2024-4364 | Qi Addons For Elementor <= 1.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Widget | qodeinteractive | Qi Addons For Elementor | Medium | 6.4 | 2024-06-06 03:32:50 | Deep Dive |
| CVE-2024-5179 | Cowidgets – Elementor Addons <= 1.1.2 - Authenticated (Contributor+) Local File Inclusion | codelessthemes | Cowidgets – Elementor Addons | High | 8.8 | 2024-06-06 02:03:02 | Deep Dive |
| CVE-2024-2350 | Clever Addons for Elementor <= 2.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple CAFE Widgets | zootemplate | Clever Addons for Elementor | Medium | 6.4 | 2024-06-06 02:03:01 | Deep Dive |
| CVE-2024-5001 | Image Hover Effects for Elementor with Lightbox and Flipbox <= 3.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via _id, oxi_addons_f_title_tag, and content_description_tag Parameters | biplob018 | Image Hover Effects for Elementor with Lightbox and Flipbox | Medium | 6.4 | 2024-06-06 02:02:58 | Deep Dive |
| CVE-2024-0910 | Restrict for Elementor <= 1.0.7 - Protection Mechanism Bypass | restrict | Restrict for Elementor | Medium | 5.3 | 2024-06-06 02:02:55 | Deep Dive |
| CVE-2024-4788 | Boostify Header Footer Builder for Elementor <= 1.3.5 - Missing Authorization to Page/Post Creation | duongancol | Boostify Header Footer Builder for Elementor | Medium | 4.3 | 2024-06-06 02:02:51 | Deep Dive |
| CVE-2024-35674 | WordPress Unlimited Elements For Elementor plugin <= 1.5.109 - Broken Access Control vulnerability | Unlimited Elements | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) | Medium | 4.3 | 2024-06-05 16:19:34 | Deep Dive |
| CVE-2024-5571 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via EmbedPress PDF Widget | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-06-05 08:33:16 | Deep Dive |
| CVE-2024-5006 | Boostify Header Footer Builder for Elementor <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via size Parameter | duongancol | Boostify Header Footer Builder for Elementor | Medium | 6.4 | 2024-06-05 07:34:53 | Deep Dive |
| CVE-2024-30525 | WordPress Move Addons for Elementor plugin <= 1.2.9 - Broken Access Control vulnerability | moveaddons | Move Addons for Elementor | Medium | 5.3 | 2024-06-04 19:24:43 | Deep Dive |
| CVE-2024-30484 | WordPress RT Easy Builder plugin <= 2.0 - Broken Access Control vulnerability | - | RT Easy Builder – Advanced addons for Elementor | Medium | 4.3 | 2024-06-04 19:08:24 | Deep Dive |
| CVE-2024-35666 | WordPress Themesflat Addons For Elementor plugin <= 2.1.2 - Cross Site Scripting (XSS) vulnerability | Themesflat | Themesflat Addons For Elementor | Medium | 6.5 | 2024-06-04 13:53:00 | Deep Dive |
| CVE-2024-35782 | WordPress Cowidgets – Elementor Addons plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability | Codeless | Cowidgets – Elementor Addons | Medium | 6.5 | 2024-06-04 13:46:24 | Deep Dive |
| CVE-2024-34384 | WordPress Sina Extension for Elementor plugin <= 3.5.1 - Local File Inclusion vulnerability | SinaExtra | Sina Extension for Elementor | Medium | 6.5 | 2024-06-04 13:17:11 | Deep Dive |
| CVE-2024-33541 | WordPress Better Elementor Addons plugin <= 1.4.1 - Local File Inclusion vulnerability | BetterAddons | Better Elementor Addons | Medium | 6.5 | 2024-06-04 13:04:16 | Deep Dive |