Exposure of Elementor

Page builders, WordPress plugins

702

exposure score

960,635

sites use

0

exploited

46

critical

CVEs

1,532 results

CVE-2024-1413MEDIUMExclusive Addons for Elementor <= 2.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Timer WidgetEPSS 0.4%CVE-2024-1411MEDIUMPowerPack Addons for Elementor <= 2.7.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Buttons WidgetEPSS 0.4%CVE-2024-3885MEDIUMPremium Addons for Elementor <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-3891MEDIUMHappy Addons for Elementor <= 3.10.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML TagsEPSS 0.4%CVE-2024-1055MEDIUMPowerPack Addons for Elementor (Free Widgets, Extensions and Templates) <= 2.7.14 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-0823MEDIUMExclusive Addons for Elementor <= 2.6.8 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-33914MEDIUMWordPress Exclusive Addons for Elementor plugin <= 2.6.9.1 - Broken Access Control on Post Duplication vulnerabilityEPSS 0.4%CVE-2025-57955MEDIUMWordPress Post Carousel Slider for Elementor Plugin <= 1.7.0 - Broken Access Control VulnerabilityEPSS 0.4%CVE-2024-1537MEDIUMEssential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Data TableEPSS 0.4%CVE-2024-6626MEDIUMEleForms – All In One Form Integration including DB for Elementor <= 2.9.9.9 - Missing AuthorizationEPSS 0.4%CVE-2024-54278MEDIUMWordPress News Ticker for Elementor plugin <= 2.1.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-4370MEDIUMWPZOOM Addons for Elementor (Templates, Widgets) <= 1.1.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Box WidgetEPSS 0.4%CVE-2024-34445MEDIUMWordPress SKT Addons for Elementor plugin <= 1.8 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2024-4107MEDIUMElementor Website Builder Pro <= 3.21.0 - Authenticated (Contributor+) DOM-Based Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-10357MEDIUMClever Addons for Elementor <= 2.2.1 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor TemplatesEPSS 0.4%CVE-2024-4618MEDIUMExclusive Addons for Elementor <= 2.6.9.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Member WidgetEPSS 0.4%CVE-2023-49739HIGHWordPress PowerPack Pro for Elementor plugin <= 2.9.23 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2024-7092MEDIUMEssential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.27 - Authenticated (Contributor+) Stored Cross-Site Scripting via no_more_items_text ParameterEPSS 0.4%CVE-2023-0695MEDIUMMetform Elementor Contact Form Builder <= 3.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via mf shortcodeEPSS 0.4%CVE-2024-12116MEDIUMUnlimited Theme Addon For Elementor and WooCommerce <= 1.2.2 - Authenticated (Contributor+) Post DisclosureEPSS 0.4%

← previouspage 21 / 77next →

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →