| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-66136 | WordPress Carter for Elementor plugin <= 1.0.2 - Broken Access Control vulnerability | merkulove | Carter for Elementor | Medium | 5.4 | 2026-01-22 16:51:50 | Deep Dive |
| CVE-2025-66137 | WordPress Searcher for Elementor plugin <= 1.0.3 - Broken Access Control vulnerability | merkulove | Searcher for Elementor | Medium | 5.4 | 2026-01-22 16:51:50 | Deep Dive |
| CVE-2025-66138 | WordPress Motionger for Elementor plugin <= 2.0.4 - Broken Access Control vulnerability | merkulove | Motionger for Elementor | Medium | 5.4 | 2026-01-22 16:51:50 | Deep Dive |
| CVE-2025-66139 | WordPress Audier For Elementor plugin <= 1.0.9 - Broken Access Control vulnerability | merkulove | Audier For Elementor | Medium | 5.4 | 2026-01-22 16:51:50 | Deep Dive |
| CVE-2025-66140 | WordPress Uper for Elementor plugin <= 1.0.5 - Broken Access Control vulnerability | merkulove | Uper for Elementor | Medium | 5.4 | 2026-01-22 16:51:50 | Deep Dive |
| CVE-2025-66135 | WordPress Imager for Elementor plugin <= 2.0.4 - Broken Access Control vulnerability | merkulove | Imager for Elementor | Medium | 5.4 | 2026-01-22 16:51:49 | Deep Dive |
| CVE-2025-63026 | WordPress Grand Restaurant Theme Elements for Elementor plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability | ThemeGoods | Grand Restaurant Theme Elements for Elementor | Medium | 6.5 | 2026-01-22 16:51:49 | Deep Dive |
| CVE-2025-31413 | WordPress Element Pack Elementor Addons plugin <= 8.3.13 - Cross Site Request Forgery (CSRF) vulnerability | bdthemes | Element Pack Elementor Addons | Medium | 4.3 | 2026-01-22 16:51:39 | Deep Dive |
| CVE-2026-0920 | LA-Studio Element Kit for Elementor <= 1.5.6.3 - Unauthenticated Privilege Escalation via Backdoor to Administrative User Creation via lakit_bkrole parameter | choijun | LA-Studio Element Kit for Elementor | Critical | 9.8 | 2026-01-22 06:47:20 | Deep Dive |
| CVE-2026-1004 | Essential Addons for Elementor <= 6.5.5 - Missing Authorization to Unauthenticated Sensitive Information Exposure | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | Medium | 5.3 | 2026-01-16 08:23:38 | Deep Dive |
| CVE-2026-0831 | Templately <= 3.4.8 - Unauthenticated Limited Arbitrary JSON File Write | wpdevteam | Templately – Elementor & Gutenberg Template Library: 6500+ Free & Pro Ready Templates And Cloud! | Medium | 5.3 | 2026-01-10 09:22:18 | Deep Dive |
| CVE-2025-14980 | BetterDocs <= 4.3.3 - Authenticated (Contributor+) Sensitive Information Exposure | wpdevteam | BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor | Medium | 6.5 | 2026-01-09 06:34:53 | Deep Dive |
| CVE-2026-22518 | WordPress X Addons for Elementor plugin <= 1.0.23 - Cross Site Scripting (XSS) vulnerability | pencilwp | X Addons for Elementor | Medium | 6.5 | 2026-01-08 16:21:08 | Deep Dive |
| CVE-2025-14275 | Jeg Elementor Kit <= 3.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget | jegtheme | Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress | Medium | 6.4 | 2026-01-08 02:21:16 | Deep Dive |
| CVE-2025-46434 | WordPress The Plus Addons for Elementor Pro plugin < 6.3.7 - Broken Access Control vulnerability | POSIMYTH Innovation | The Plus Addons for Elementor Pro | 中危 | - | 2026-01-07 12:35:32 | Deep Dive |
| CVE-2025-69357 | WordPress TheGem Theme Elements (for Elementor) plugin <= 5.11.0 - Cross Site Scripting (XSS) vulnerability | CodexThemes | TheGem Theme Elements (for Elementor) | Medium | 6.5 | 2026-01-06 16:36:42 | Deep Dive |
| CVE-2025-69363 | WordPress Responsive Addons for Elementor plugin <= 2.0.8 - Broken Access Control vulnerability | CyberChimps | Responsive Addons for Elementor | Medium | 6.5 | 2026-01-06 16:36:42 | Deep Dive |
| CVE-2025-69356 | WordPress TheGem Theme Elements (for Elementor) plugin <= 5.11.0 - Local File Inclusion vulnerability | CodexThemes | TheGem Theme Elements (for Elementor) | High | 7.5 | 2026-01-06 16:36:41 | Deep Dive |
| CVE-2025-69336 | WordPress Ultimate Store Kit Elementor Addons plugin <= 2.9.4 - Broken Access Control vulnerability | bdthemes | Ultimate Store Kit Elementor Addons | Medium | 4.3 | 2026-01-06 16:36:39 | Deep Dive |
| CVE-2024-23511 | WordPress The Plus Addons for Elementor plugin <= 5.3.3 - Cross Site Scripting (XSS) vulnerability | POSIMYTH | The Plus Addons for Elementor Page Builder Lite | Medium | 6.5 | 2026-01-05 13:33:58 | Deep Dive |