Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Essential Addons for Elementor – Popular Elementor Templates & Widgets — Vulnerabilities & Security Advisories 42

All 42 CVE vulnerabilities found in Essential Addons for Elementor – Popular Elementor Templates & Widgets, with AI-generated Chinese analysis, references, and POCs.

Vendor: wpdevteam

CVE IDTitleCVSSSeverityPublished
CVE-2026-1512 Essential Addons for Elementor <= 6.5.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Info Box Widget CWE-79 6.4 Medium2026-02-14
CVE-2026-1004 Essential Addons for Elementor <= 6.5.5 - Missing Authorization to Unauthenticated Sensitive Information Exposure CWE-862 5.3 Medium2026-01-16
CVE-2025-13977 Essential Addons for Elementor – Popular Elementor Templates & Widgets <= 6.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2025-12-17
CVE-2025-8451 Essential Addons for Elementor – Popular Elementor Templates and Widgets <= 6.2.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'data-gallery-items' CWE-79 6.4 Medium2025-08-15
CVE-2025-6244 Essential Addons for Elementor – Popular Elementor Templates and Widgets <= 6.1.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via `Calendar` And `Business Reviews` Widgets CWE-79 6.4 Medium2025-07-08
CVE-2024-9993 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 6.1.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via Event Calendar Widget CWE-79 6.4 Medium2025-06-07
CVE-2024-9994 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 6.1.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via Pricing Table Widget CWE-79 6.4 Medium2025-06-07
CVE-2024-8978 Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders <= 6.0.9 - Authenticated (Contributor+) Sensitive Information Exposure CWE-200 5.7 Medium2024-11-15
CVE-2024-8979 Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders <= 6.0.9 - Authenticated (Author+) Sensitive Information Exposure to Privilege Escalation CWE-200 8.0 High2024-11-15
CVE-2024-8961 Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders <= 6.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-11-15
CVE-2021-4447 Essential Addons for Elementor <= 4.6.4 - Authenticated (Contributor+) Privilege Escalation CWE-862 8.8 High2024-10-16
CVE-2021-4446 Essential Addons for Elementor <= 4.6.4 - Missing Authorization CWE-862 6.3 Medium2024-10-16
CVE-2024-8742 Essential Addons for Elementor <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery Widget CWE-79 6.4 Medium2024-09-13
CVE-2024-8440 Essential Addons for Elementor -- Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text Widget CWE-79 6.4 Medium2024-09-11
CVE-2024-7092 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.27 - Authenticated (Contributor+) Stored Cross-Site Scripting via no_more_items_text Parameter CWE-79 6.4 Medium2024-08-13
CVE-2024-5189 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.23 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-06-11
CVE-2024-5188 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.22 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-06-06
CVE-2024-5073 Essential Addons for Elementor <= 5.9.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Feed CWE-79 6.4 Medium2024-05-30
CVE-2024-4624 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.20 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-05-14
CVE-2024-4275 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Interactive Circles' CWE-79 6.4 Medium2024-05-10
CVE-2024-4449 Essential Addons for Elementor <= 5.9.19 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Several Widgets CWE-79 6.4 Medium2024-05-10
CVE-2024-4448 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Dual Color Header', 'Event Calendar', & 'Advanced Data Table' CWE-79 6.4 Medium2024-05-10
CVE-2024-3728 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery & Interactive Circle CWE-79 6.4 Medium2024-05-02
CVE-2024-4156 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.17 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-05-02
CVE-2024-4003 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.15 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-20 6.4 Medium2024-05-02
CVE-2024-3733 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.15 - Information Exposure CWE-200 5.3 Medium2024-04-25
CVE-2024-3333 Essential Addons for Elementor <= 5.9.14 - Authenticated (Contributor+) Store Cross-Site Scripting via Widget URL Attribute CWE-79 6.4 Medium2024-04-17
CVE-2024-2623 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.11 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-04-09
CVE-2024-2974 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.13 - Unauthenticated Sensitive Information Exposure CWE-200 5.3 Medium2024-04-09
CVE-2024-2650 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.11 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-20 6.4 Medium2024-04-09

All 42 known CVE vulnerabilities affecting Essential Addons for Elementor – Popular Elementor Templates & Widgets with full Chinese analysis, references, and POCs where available.