| CVE-2023-5360 | Royal Elementor Addons and Templates < 1.3.79 - Unauthenticated Arbitrary File Upload | Unknown | Royal Elementor Addons and Templates | 超危 | - | 2023-10-31 13:54:42 | Deep Dive |
| CVE-2022-47175 | WordPress Royal Elementor Addons Plugin <= 1.3.75 is vulnerable to Cross Site Request Forgery (CSRF) | P Royal | Royal Elementor Addons and Templates | Medium | 4.3 | 2023-10-06 12:45:57 | Deep Dive |
| CVE-2023-41236 | WordPress Happy Elementor Addons Pro Plugin <= 2.8.0 is vulnerable to Cross Site Scripting (XSS) | Happy addons | Happy Elementor Addons Pro | High | 7.1 | 2023-09-27 11:35:15 | Deep Dive |
| CVE-2023-0689 | Metform Elementor Contact Form Builder <= 3.3.1 - Authenticated (Subscriber+) Information Disclosure via 'mf_first_name' shortcode | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | Medium | 4.3 | 2023-08-31 05:33:06 | Deep Dive |
| CVE-2023-32241 | WordPress Essential Addons for Elementor Pro Plugin <= 5.4.8 is vulnerable to Cross Site Scripting (XSS) | WPDeveloper | Essential Addons for Elementor Pro | High | 7.1 | 2023-08-29 20:11:55 | Deep Dive |
| CVE-2022-4953 | Elementor < 3.5.5 - Iframe Injection | Unknown | Elementor Website Builder | 中危 | - | 2023-08-14 19:10:18 | Deep Dive |
| CVE-2023-4282 | EmbedPress <= 3.8.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Delete via admin_post_remove and remove_private_data | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 5.4 | 2023-08-10 11:05:43 | Deep Dive |
| CVE-2023-4283 | EmbedPress <= 3.8.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2023-08-10 11:05:43 | Deep Dive |
| CVE-2023-3779 | Essential Addons For Elementor <=5.8.1 - Unauthenticated MailChimp API Key Disclosure | wpdevteam | Essential Addons for Elementor – Popular Elementor Templates & Widgets | Medium | 5.3 | 2023-07-20 05:39:00 | Deep Dive |
| CVE-2022-47169 | WordPress Visibility Logic for Elementor Plugin <= 2.3.4 is vulnerable to Cross Site Request Forgery (CSRF) | StaxWP | Visibility Logic for Elementor | Medium | 4.3 | 2023-07-18 12:09:47 | Deep Dive |
| CVE-2023-3709 | Royal Elementor Addons <=1.3.70 - Unauthenticated MailChimp API Key Disclosure | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 5.3 | 2023-07-18 02:01:09 | Deep Dive |
| CVE-2023-2517 | Metform Elementor Contact Form Builder <= 3.3.2 - Cross-Site Request Forgery via permalink_setup | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | Medium | 5.4 | 2023-07-12 04:38:50 | Deep Dive |
| CVE-2023-28989 | WordPress Happy Addons for Elementor Plugin <= 3.8.2 is vulnerable to Cross Site Request Forgery (CSRF) | weDevs | Happy Addons for Elementor | Medium | 4.3 | 2023-07-10 12:51:08 | Deep Dive |
| CVE-2023-2324 | Elementor Forms Google Sheet Connector < 1.0.7 - Reflected XSS | Unknown | Elementor Forms Google Sheet Connector | 中危 | - | 2023-07-04 07:23:26 | Deep Dive |
| CVE-2021-4401 | Style Kits <= 1.8.0 - Cross-Site Request Forgery Bypass | analogwp | Style Kits – Advanced Theme Styles for Elementor, Elementor Kits & Elementor Patterns | High | 8.8 | 2023-07-01 05:33:27 | Deep Dive |
| CVE-2020-36744 | NotificationX <= 1.8.2 - Cross-Site Request Forgery Bypass | wpdevteam | NotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification Bar | Medium | 4.3 | 2023-07-01 04:26:51 | Deep Dive |
| CVE-2023-3371 | EmbedPress <= 3.7.3 - Sensitive Information Exposure | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 5.3 | 2023-06-27 01:55:28 | Deep Dive |
| CVE-2023-34012 | WordPress Premium Addons PRO Plugin <= 2.8.24 is vulnerable to Cross Site Scripting (XSS) | Premium Addons for Elementor | Premium Addons PRO | High | 7.1 | 2023-06-23 11:24:52 | Deep Dive |
| CVE-2023-3295 | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.66 - Authenticated (Contributor+) Arbitrary File Upload | unitecms | Unlimited Elements For Elementor | High | 8.8 | 2023-06-17 01:48:18 | Deep Dive |
| CVE-2023-0692 | Metform Elementor Contact Form Builder <= 3.3.1 - Authenticated (Subscriber+) Information Disclosure via 'mf_payment_status' shortcode | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | Medium | 4.3 | 2023-06-09 05:33:37 | Deep Dive |