Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Elementor — Vulnerabilities & Security Advisories 17

Browse all 17 CVE security advisories affecting Elementor. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products Elementor:Elementor Website BuilderElementor ProAllyElementor Website Builder (WordPress plugin)Hello ElementorImage Optimizer by Elementor
CVE IDTitleCVSSSeverityPaused
CVE-2026-32445 WordPress Elementor Website Builder plugin <= 3.35.5 - Broken Access Control vulnerability — Elementor Website BuilderCWE-862 8.2 -2026-03-13
CVE-2026-32352 WordPress Elementor Website Builder plugin <= 3.35.5 - Cross Site Scripting (XSS) vulnerability — Elementor Website BuilderCWE-79 6.1 -2026-03-13
CVE-2024-50555 WordPress Elementor Website Builder plugin <= 3.29.0 - Cross Site Scripting (XSS) vulnerability — Elementor Website BuilderCWE-79 5.4AIMediumAI2026-02-20
CVE-2026-25386 WordPress Ally plugin <= 4.0.2 - Broken Access Control vulnerability — AllyCWE-862 8.1AIHighAI2026-02-19
CVE-2026-25387 WordPress Image Optimizer by Elementor plugin <= 1.7.1 - Broken Access Control vulnerability — Image Optimizer by ElementorCWE-862 4.3 Medium2026-02-19
CVE-2025-67588 WordPress Elementor Website Builder plugin <= 3.33.0 - Broken Access Control vulnerability — Elementor Website BuilderCWE-862 4.3 Medium2025-12-09
CVE-2025-32640 WordPress One Click Accessibility plugin <= 3.1.0 - Cross-Site Scripting (XSS) vulnerability — AllyCWE-79 5.9 Medium2025-04-09
CVE-2024-54444 WordPress Elementor plugin <= 3.25.10 - Cross Site Scripting (XSS) vulnerability — Elementor Website BuilderCWE-79 6.5 Medium2025-02-25
CVE-2024-35656 WordPress Elementor Pro <= 3.21.2 - Reflected Cross Site Scripting (XSS) vulnerability — Elementor ProCWE-79 7.1 High2024-07-22
CVE-2024-37437 WordPress Elementor Website Builder plugin <= 3.22.1 - Arbitrary SVG File Download vulnerability — Elementor Website BuilderCWE-79 5.5 Medium2024-07-09
CVE-2023-35050 WordPress Elementor Pro plugin <= 3.13.0 - Auth. Broken Access Control vulnerability — Elementor ProCWE-862 6.5 Medium2024-06-19
CVE-2023-33922 WordPress Elementor plugin <= 3.13.2 - Broken Access Control vulnerability — Elementor Website BuilderCWE-862 4.3 Medium2024-06-11
CVE-2024-24934 WordPress Elementor plugin <= 3.19.0 - Arbitrary File Deletion and Phar Deserialization vulnerability — Elementor Website BuilderCWE-22 8.5 High2024-05-17
CVE-2023-47504 WordPress Elementor plugin <= 3.16.4 - Auth. Arbitrary Attachment Read vulnerability — Elementor Website BuilderCWE-287 7.5 High2024-04-24
CVE-2024-31289 WordPress Hello Elementor theme <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerability — Hello ElementorCWE-352 4.3 Medium2024-04-12
CVE-2024-23523 WordPress Elementor Pro plugin <= 3.19.2 - Contributor+ Arbitrary User Meta Data Retrieval vulnerability — Elementor ProCWE-200 6.5 Medium2024-03-16
CVE-2022-29455 WordPress Elementor plugin <= 3.5.5 - Unauthenticated DOM-based Reflected Cross-Site Scripting (XSS) vulnerability — Elementor Website Builder (WordPress plugin)CWE-79 4.7 Medium2022-06-13

This page lists every published CVE security advisory associated with Elementor. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.