| CVE-2023-32243 | WordPress Essential Addons for Elementor Plugin 5.4.0-5.7.1 is vulnerable to Privilege Escalation | WPDeveloper | Essential Addons for Elementor | Critical | 9.8 | 2023-05-12 07:23:23 | Deep Dive |
| CVE-2023-0280 | Ultimate Carousel For Elementor <= 2.1.7 - Contributor+ Stored XSS | Unknown | Ultimate Carousel For Elementor | 中危 | - | 2023-05-08 13:58:18 | Deep Dive |
| CVE-2022-47170 | WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.48 is vulnerable to Cross Site Scripting (XSS) | Unlimited Elements | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) | Medium | 5.9 | 2023-03-28 08:09:22 | Deep Dive |
| CVE-2022-45831 | WordPress Image Hover Effects - Caption Hover with Carousel Plugin <= 2.8 is vulnerable to Cross Site Scripting (XSS) | biplob018 | Image Hover Effects for Elementor with Lightbox and Flipbox | High | 7.1 | 2023-03-28 07:15:46 | Deep Dive |
| CVE-2023-0336 | OoohBoi Steroids for Elementor < 2.1.5 - Subscriber+ Attachment Deletion | Unknown | OoohBoi Steroids for Elementor | 中危 | - | 2023-03-27 15:37:38 | Deep Dive |
| CVE-2023-0484 | Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks < 1.1.6 - Arbitrary Plugin Activation via CSRF | Unknown | Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks | 中危 | - | 2023-03-27 15:37:28 | Deep Dive |
| CVE-2023-0495 | HT Slider For Elementor < 1.4.0 - Arbitrary Plugin Activation via CSRF | Unknown | HT Slider For Elementor | 中危 | - | 2023-03-27 15:37:25 | Deep Dive |
| CVE-2022-4661 | Woo Products Widgets For Elementor < 1.0.8 - Contributor+ Stored XSS via Shortcode | Unknown | Widgets for WooCommerce Products on Elementor | 中危 | - | 2023-03-13 16:03:35 | Deep Dive |
| CVE-2022-47166 | WordPress Void Contact Form 7 Widget For Elementor Page Builder Plugin <= 2.1.1 is vulnerable to Cross Site Request Forgery (CSRF) | voidCoders | Void Contact Form 7 Widget For Elementor Page Builder | Medium | 4.3 | 2023-03-13 09:09:54 | Deep Dive |
| CVE-2021-4332 | The Plus Addons for Elementor PRO <= 4.1.9 & The Plus Addons for Elementor <= 2.0.6 - Authenticated (Contributor+) Arbitrary File Read | posimyththemes | The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce | Medium | 6.5 | 2023-03-07 14:16:47 | Deep Dive |
| CVE-2021-4331 | The Plus Addons for Elementor PRO <= 4.1.9 & The Plus Addons for Elementor <= 2.0.6 - Authenticated (Contributor+) Privilege Escalation | posimyththemes | The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce | High | 8.8 | 2023-03-07 14:07:35 | Deep Dive |
| CVE-2021-4330 | Envato Elements <= 2.0.10 & Template Kit <= 1.0.13 - Authenticated (Contributor+) Arbitrary File Upload | envato | Template Kit – Import | High | 8.8 | 2023-03-07 13:51:39 | Deep Dive |
| CVE-2023-0084 | Metform Elementor Contact Form Builder <= 3.1.2 - Unauthenticated Stored Cross-Site Scripting | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | High | 7.2 | 2023-03-02 18:35:22 | Deep Dive |
| CVE-2023-0085 | Metform Elementor Contact Form Builder <= 3.2.1 - reCaptcha Protection Bypass | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | Medium | 5.3 | 2023-03-02 16:01:14 | Deep Dive |
| CVE-2023-0034 | JetWidgets For Elementor < 1.0.14 - Contributor+ Stored XSS via Shortcode | Unknown | JetWidgets For Elementor | 中危 | - | 2023-02-13 14:32:25 | Deep Dive |
| CVE-2022-45067 | WordPress Exclusive Addons Elementor Plugin <= 2.6.1 is vulnerable to Cross Site Request Forgery (CSRF) | DevsCred | Exclusive Addons for Elementor | Medium | 4.3 | 2023-02-02 16:05:53 | Deep Dive |
| CVE-2022-4765 | Portfolio for Elementor, Image Gallery & Post Grid | PowerFolio < 2.3.1 - Contributor+ Stored XSS via Shortcode | Unknown | Portfolio for Elementor, Image Gallery & Post Grid | PowerFolio | 中危 | - | 2023-01-30 20:31:51 | Deep Dive |
| CVE-2022-4707 | Royal Elementor Addons <= 1.3.59 - Cross-Site Request Forgery to Menu Template creation | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 4.3 | 2023-01-10 16:55:52 | Deep Dive |
| CVE-2022-4701 | Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Plugin Activation | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 4.3 | 2023-01-10 16:55:47 | Deep Dive |
| CVE-2022-4703 | Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Import Deletion | wproyal | Royal Addons for Elementor – Addons and Templates Kit for Elementor | Medium | 4.3 | 2023-01-10 16:55:43 | Deep Dive |