Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Ultimate Addons for Elementor — Vulnerabilities & Security Advisories 12

All 12 CVE vulnerabilities found in Ultimate Addons for Elementor, with AI-generated Chinese analysis, references, and POCs.

Vendor: Unknown

CVE IDTitleCVSSSeverityPaused
CVE-2025-8488 Ultimate Addons for Elementor (Formerly Elementor Header & Footer Builder) <= 2.4.6 - Missing Authorization to Authenticated (Subscriber+) Limited Settings Update CWE-862 4.3 Medium2025-08-02
CVE-2024-11230 Elementor Header & Footer Builder <= 1.6.46 - Authenticated (Contributor+) Stored Cross-Site Scripting via Page Title Widget CWE-79 6.4 Medium2024-12-23
CVE-2024-10325 Elementor Header & Footer Builder <= 1.6.45 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload CWE-79 6.4 Medium2024-11-08
CVE-2024-10050 Elementor Header & Footer Builder <= 1.6.43 - Authenticated (Contributor+) Information Disclosure via Shortcode CWE-200 4.3 Medium2024-10-24
CVE-2024-37455 WordPress Ultimate Addons for elementor plugin <= 1.36.31 - Privilege Escalation vulnerability CWE-269 8.8 High2024-07-09
CVE-2024-5757 Elementor Header & Footer Builder <= 1.6.35 - Authenticated (Contributor+) Stored Cross-Site Scripting via Site Title Widget CWE-79 6.4 Medium2024-06-13
CVE-2024-2618 Elementor Header & Footer Builder <= 1.6.26 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-87 6.4 Medium2024-05-24
CVE-2023-50890 WordPress Ultimate Addons for Elementor plugin <= 1.36.20 - Privilege Escalation vulnerability CWE-269 8.8 High2024-05-17
CVE-2024-2619 Elementor Header & Footer Builder <= 1.6.26 - Authenticated (Author+) HTML Injection CWE-862 5.0 Medium2024-05-16
CVE-2024-4634 Elementor Header & Footer Builder <= 1.6.28 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-05-16
CVE-2024-1237 Elementor Header & Footer Builder <= 1.6.24 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-03-13
CVE-2021-24271 Ultimate Addons for Elementor < 1.30.0 - Contributor+ Stored XSS CWE-79 5.4 -2021-05-05

All 12 known CVE vulnerabilities affecting Ultimate Addons for Elementor with full Chinese analysis, references, and POCs where available.