| CVE-2024-4262 | Piotnet Addons For Elementor <= 2.4.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widget Attributes | piotnetdotcom | Piotnet Addons For Elementor | Medium | 6.4 | 2024-05-22 09:31:40 | Deep Dive |
| CVE-2024-4896 | WPB Elementor Addons <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Parameter | wpbean | WPB Addons for Elementor – News Ticker, Timeline, Team & More Widgets | Medium | 6.4 | 2024-05-22 08:31:21 | Deep Dive |
| CVE-2024-5147 | WPZOOM Addons for Elementor (Templates, Widgets) <= 1.1.37 - Unauthenticated Local File Inclusion | wpzoom | WPZOOM Addons for Elementor – Starter Templates & Widgets | Critical | 9.8 | 2024-05-22 07:37:26 | Deep Dive |
| CVE-2024-3927 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.6.3 - Form Submission Admin Email Bypass | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 5.3 | 2024-05-22 06:50:34 | Deep Dive |
| CVE-2024-3066 | Elegant Addons for elementor <= 1.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML tags | aruphash | Elegant Addons for elementor | Medium | 6.4 | 2024-05-22 05:32:49 | Deep Dive |
| CVE-2024-5092 | Elegant Addons for elementor <= 1.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Switcher, Slider, and Iconbox Widgets | aruphash | Elegant Addons for elementor | Medium | 6.4 | 2024-05-22 05:32:48 | Deep Dive |
| CVE-2024-3611 | Toolbar Extras for Elementor & More – WordPress Admin Bar Enhanced <= 1.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting | daveshine | Toolbar Extras for Elementor & More – WordPress Admin Bar Enhanced | Medium | 6.4 | 2024-05-22 05:32:47 | Deep Dive |
| CVE-2024-4980 | WPKoi Templates for Elementor <= 2.5.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Parameters | wpkoithemes | WPKoi Templates for Elementor | Medium | 6.4 | 2024-05-22 04:30:29 | Deep Dive |
| CVE-2024-4619 | Elementor Website Builder – More than Just a Page Builder <= 3.21.5 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | elemntor | Elementor Website Builder – more than just a page builder | Medium | 6.4 | 2024-05-21 11:02:29 | Deep Dive |
| CVE-2024-4876 | HT Mega – Absolute Addons For Elementor <= 2.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | devitemsllc | HT Mega Addons for Elementor – Elementor Widgets & Template Builder | Medium | 6.4 | 2024-05-21 11:02:28 | Deep Dive |
| CVE-2024-4695 | Move Addons for Elementor <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets | moveaddons | Move Addons for Elementor | Medium | 6.4 | 2024-05-21 09:31:50 | Deep Dive |
| CVE-2024-3345 | ShopLentor <= 2.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via woolentorsearch Shortcode | devitemsllc | ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin | Medium | 6.4 | 2024-05-21 08:31:05 | Deep Dive |
| CVE-2024-4566 | ShopLentor <= 2.8.8 - Missing Authorization to WordPress Option Modification | devitemsllc | ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin | High | 7.1 | 2024-05-21 08:31:04 | Deep Dive |
| CVE-2024-4875 | HT Mega – Absolute Addons For Elementor <= 2.5.2 - Missing Authorization to Options Update | devitemsllc | HT Mega Addons for Elementor – Elementor Widgets & Template Builder | Medium | 4.3 | 2024-05-21 08:31:04 | Deep Dive |
| CVE-2024-5088 | Happy Addons for Elementor <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2024-05-18 11:36:00 | Deep Dive |
| CVE-2024-4432 | Piotnet Addons For Elementor <= 2.4.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets | piotnetdotcom | Piotnet Addons For Elementor | Medium | 6.4 | 2024-05-18 09:39:38 | Deep Dive |
| CVE-2024-4698 | Testimonial Carousel For Elementor <= 10.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | uapp | Testimonial Carousel For Elementor | Medium | 6.4 | 2024-05-18 07:38:34 | Deep Dive |
| CVE-2024-4374 | DethemeKit For Elementor <= 2.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets | detheme | DethemeKit for Elementor | Medium | 6.4 | 2024-05-18 04:30:52 | Deep Dive |
| CVE-2024-4865 | Happy Addons for Elementor <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via _id Parameter | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2024-05-18 03:06:58 | Deep Dive |
| CVE-2024-32786 | WordPress Royal Elementor Addons and Templates plugin <= 1.3.93 - IP Bypass vulnerability | WP Royal | Royal Elementor Addons | Medium | 5.3 | 2024-05-17 09:38:22 | Deep Dive |