Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unlimited Elements For Elementor — Vulnerabilities & Security Advisories 21

All 21 CVE vulnerabilities found in Unlimited Elements For Elementor, with AI-generated Chinese analysis, references, and POCs.

Vendor: unitecms

CVE IDTitleCVSSSeverityPublished
CVE-2026-4659 Unlimited Elements For Elementor <= 2.0.6 - Authenticated (Contributor+) Arbitrary File Read via Path Traversal in Repeater JSON/CSV URL with Path Traversal CWE-22 7.5 High2026-04-17
CVE-2026-2724 Unlimited Elements For Elementor <= 2.0.5 - Unauthenticated Stored Cross-Site Scripting via Form Entry Fields CWE-79 7.2 High2026-03-10
CVE-2025-14274 Unlimited Elements for Elementor <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Border Hero Widget CWE-79 5.4 Medium2026-02-03
CVE-2025-8603 Unlimited Elements For Elementor <= 1.5.148 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2025-08-28
CVE-2025-1663 Unlimited Elements For Elementor <= 1.5.142 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2025-04-03
CVE-2024-13155 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.140 - Authenticated (Contributor+) Stored Cross-Site Scripting via Transparent Split Hero Widget CWE-79 6.4 Medium2025-02-20
CVE-2024-13153 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.135 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets CWE-79 6.4 Medium2025-01-09
CVE-2024-10784 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.126 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-12-12
CVE-2024-6170 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'email' CWE-79 6.4 Medium2024-07-09
CVE-2024-6169 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'username' CWE-79 6.4 Medium2024-07-09
CVE-2024-6166 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - Authenticated (Contributor+) Time-Based SQL Injection CWE-89 8.8 High2024-07-09
CVE-2024-6171 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - IP Address Spoofing to Antispam Bypass CWE-348 5.3 Medium2024-07-09
CVE-2024-5329 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.109 - Authenticated (Contributor+) Blind SQL Injection via data[addonID] Parameter CWE-89 8.8 High2024-06-06
CVE-2024-3190 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.107 - Authenticated (Contributor+) Stored Cross-Site Scripting via Text Field CWE-79 5.4 Medium2024-05-30
CVE-2023-6743 Unlimited Elements for Elementor <= 1.5.89 - Authenticated(Contributor+) Remote Code Execution via template import CWE-1336 8.8 High2024-05-29
CVE-2024-4779 Unlimited Elements for Elementor <= 1.5.107 - Authenticated (Contributor+) SQL Injection via data[post_ids][0] CWE-89 8.8 High2024-05-23
CVE-2024-3055 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.102 - Authenticated (Contributor+) SQL Injection CWE-89 8.8 High2024-05-10
CVE-2024-3547 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.102 - Reflected Cross-Site Scripting CWE-79 6.1 Medium2024-05-10
CVE-2024-2662 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.102 - Authenticated (Admin+) Command Injection CWE-78 7.2 High2024-05-10
CVE-2024-0367 Unlimited Elements For Elementor <= 1.5.96 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget Link CWE-79 6.4 Medium2024-03-30
CVE-2023-3295 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.66 - Authenticated (Contributor+) Arbitrary File Upload CWE-434 8.8 High2023-06-17

All 21 known CVE vulnerabilities affecting Unlimited Elements For Elementor with full Chinese analysis, references, and POCs where available.