| CVE-2023-33930 | WordPress Unlimited Elements For Elementor plugin <= 1.5.66 - Unrestricted Zip Extraction vulnerability | Unlimited Elements | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) | Critical | 9.1 | 2024-06-04 07:08:04 | Deep Dive |
| CVE-2024-4697 | Cowidgets – Elementor Addons <= 1.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via heading_tag Parameter | codelessthemes | Cowidgets – Elementor Addons | Medium | 6.4 | 2024-06-04 05:32:16 | Deep Dive |
| CVE-2024-34789 | WordPress Post Grid Elementor Addon plugin <= 2.0.16 - Cross Site Scripting (XSS) vulnerability | WP Hait | Post Grid Elementor Addon | Medium | 6.5 | 2024-06-03 10:58:28 | Deep Dive |
| CVE-2024-34791 | WordPress WPB Elementor Addons plugin <= 1.0.9 - Cross Site Scripting (XSS) vulnerability | wpbean | WPB Elementor Addons | Medium | 6.5 | 2024-06-03 10:55:52 | Deep Dive |
| CVE-2024-5348 | Elements For Elementor <= 2.1 - Authenticated (Contributor+) Local File Inclusion via Multiple Widget Attributes | nicdark | Elements For Elementor | High | 8.8 | 2024-06-01 08:38:57 | Deep Dive |
| CVE-2024-4087 | Royal Elementor Addons and Templates <= 1.3.975 - Authenticated (Contributor+) Stored Cross-Site Scripting via Back to Top Widget | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 6.4 | 2024-06-01 05:38:11 | Deep Dive |
| CVE-2024-4342 | Royal Elementor Addons and Templates <= 1.3.975 - Authenticated (Contributor+) Stored Cross-Site Scripting | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 6.4 | 2024-06-01 05:38:10 | Deep Dive |
| CVE-2024-5041 | Happy Addons for Elementor <= 3.10.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2024-05-31 09:31:41 | Deep Dive |
| CVE-2024-5347 | Happy Addons for Elementor <= 3.10.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Navigation Widget | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2024-05-31 09:31:39 | Deep Dive |
| CVE-2024-4376 | Premium Addons for Elementor <= 4.10.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text Widget | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Medium | 6.4 | 2024-05-31 05:31:58 | Deep Dive |
| CVE-2024-4379 | Premium Addons for Elementor <= 4.10.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Global Tooltip | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Medium | 5.4 | 2024-05-31 05:31:58 | Deep Dive |
| CVE-2024-4205 | Premium Addons for Elementor <= 4.10.31 - Missing Authorization to Information Disclosure | leap13 | Premium Addons for Elementor – Powerful Elementor Templates & Widgets | Medium | 4.3 | 2024-05-31 05:31:57 | Deep Dive |
| CVE-2024-5418 | DethemeKit For Elementor <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via slitems Attribute | detheme | DethemeKit for Elementor | Medium | 6.4 | 2024-05-31 02:41:09 | Deep Dive |
| CVE-2024-5345 | Responsive Owl Carousel for Elementor <= 1.2.0 - Local File Inclusion | thenahidul | Responsive Owl Carousel for Elementor | High | 8.8 | 2024-05-31 02:41:08 | Deep Dive |
| CVE-2024-4668 | Gum Elementor Addon <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Price Table and Post Slider Widgets | celomitan | Gum Addon for Elementor | Medium | 6.4 | 2024-05-30 09:30:41 | Deep Dive |
| CVE-2024-5073 | Essential Addons for Elementor <= 5.9.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Feed | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | Medium | 6.4 | 2024-05-30 06:48:09 | Deep Dive |
| CVE-2024-5327 | PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) <= 2.7.19 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | ideaboxcreations | PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) | Medium | 6.4 | 2024-05-30 06:48:08 | Deep Dive |
| CVE-2024-5341 | The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Heading Title Widget | posimyththemes | The Plus Addons for Elementor Page Builder Pro | Medium | 6.4 | 2024-05-30 05:33:16 | Deep Dive |
| CVE-2024-2253 | Testimonial Carousel For Elementor <= 10.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | uapp | Testimonial Carousel For Elementor | Medium | 6.4 | 2024-05-30 03:34:30 | Deep Dive |
| CVE-2024-3063 | WPB Elementor Addons <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting | wpbean | WPB Addons for Elementor – News Ticker, Timeline, Team & More Widgets | Medium | 6.4 | 2024-05-30 03:34:29 | Deep Dive |