| CVE-2024-24934 | WordPress Elementor plugin <= 3.19.0 - Arbitrary File Deletion and Phar Deserialization vulnerability | Elementor | Elementor Website Builder | High | 8.5 | 2024-05-17 08:50:02 | Deep Dive |
| CVE-2023-50890 | WordPress Ultimate Addons for Elementor plugin <= 1.36.20 - Privilege Escalation vulnerability | Brainstorm Force | Ultimate Addons for Elementor | High | 8.8 | 2024-05-17 08:39:33 | Deep Dive |
| CVE-2023-47679 | WordPress Qi Addons For Elementor plugin <= 1.6.3 - Local File Inclusion vulnerability | QODE Interactive | Qi Addons For Elementor | Medium | 6.4 | 2024-05-17 08:35:39 | Deep Dive |
| CVE-2023-47178 | WordPress The Plus Addons for Elementor Pro plugin <= 5.2.8 - Unauthenticated Local File Inclusion vulnerability | POSIMYTH Innovation | The Plus Addons for Elementor Pro | High | 8.6 | 2024-05-17 08:35:08 | Deep Dive |
| CVE-2023-41955 | WordPress Essential Addons for Elementor plugin <= 5.8.8 - Contributor+ Privilege Escalation vulnerability | WPDeveloper | Essential Addons for Elementor | High | 8.8 | 2024-05-17 06:55:35 | Deep Dive |
| CVE-2024-34575 | WordPress DethemeKit For Elementor plugin <= 2.1.2 - Cross Site Scripting (XSS) vulnerability | deTheme | DethemeKit For Elementor | Medium | 6.5 | 2024-05-17 06:03:34 | Deep Dive |
| CVE-2024-3134 | Master Addons for Elementor <= 2.0.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | litonice13 | Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Builder & Template Kits | Medium | 6.4 | 2024-05-16 21:30:56 | Deep Dive |
| CVE-2024-2619 | Elementor Header & Footer Builder <= 1.6.26 - Authenticated (Author+) HTML Injection | brainstormforce | Ultimate Addons for Elementor | Medium | 5.0 | 2024-05-16 20:31:04 | Deep Dive |
| CVE-2024-4580 | Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor <= 2.0.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | litonice13 | Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Builder & Template Kits | Medium | 6.4 | 2024-05-16 11:33:33 | Deep Dive |
| CVE-2024-4634 | Elementor Header & Footer Builder <= 1.6.28 - Authenticated (Contributor+) Stored Cross-Site Scripting | brainstormforce | Ultimate Addons for Elementor | Medium | 6.4 | 2024-05-16 11:05:30 | Deep Dive |
| CVE-2024-4391 | Happy Addons for Elementor Authenticated (Contributor+) Stored-XSS <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Event Calendar Widget | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2024-05-16 08:32:51 | Deep Dive |
| CVE-2024-3887 | Royal Elementor Addons and Templates <= 1.3.974 - Authenticated (Contributor+) Stored Cross-Site Scripting via Form Builder Widget | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 5.4 | 2024-05-16 08:32:48 | Deep Dive |
| CVE-2024-4478 | Happy Addons for Elementor <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Stack Group Widget | thehappymonster | Happy Addons for Elementor | Medium | 6.4 | 2024-05-16 07:32:42 | Deep Dive |
| CVE-2024-4702 | Mega Elements <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Widget | kraftplugins | Mega Elements – Addons for Elementor | Medium | 6.4 | 2024-05-15 11:33:08 | Deep Dive |
| CVE-2024-4373 | Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) <= 3.5.3 - Authenticated (Contributor+) Stored Cross-site Scriping via 'Sina Particle Layer' | shaonsina | Sina Extension for Elementor | Medium | 6.4 | 2024-05-15 01:56:56 | Deep Dive |
| CVE-2024-4618 | Exclusive Addons for Elementor <= 2.6.9.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Member Widget | timstrifler | Exclusive Addons for Elementor | Medium | 6.4 | 2024-05-15 01:56:54 | Deep Dive |
| CVE-2024-4370 | WPZOOM Addons for Elementor (Templates, Widgets) <= 1.1.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Box Widget | wpzoom | WPZOOM Addons for Elementor – Starter Templates & Widgets | Medium | 6.4 | 2024-05-14 23:31:46 | Deep Dive |
| CVE-2024-4666 | Borderless - Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets | visualmodo | Borderless – Addons and Templates for Elementor | Medium | 6.4 | 2024-05-14 22:31:38 | Deep Dive |
| CVE-2024-4333 | Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) <= 3.5.3 - Authenticated (Contributor+) DOM-Based Cross-Site Scripting | shaonsina | Sina Extension for Elementor | Medium | 6.4 | 2024-05-14 12:50:02 | Deep Dive |
| CVE-2024-4624 | Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.20 - Authenticated (Contributor+) Stored Cross-Site Scripting | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | Medium | 6.4 | 2024-05-14 11:33:11 | Deep Dive |