Exposure of Elementor

Page builders, WordPress plugins

702

exposure score

960,635

sites use

0

exploited

46

critical

CVEs

1,532 results

CVE-2024-8236MEDIUMElementor Website Builder – More than Just a Page Builder <= 3.25.7 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-51813MEDIUMWordPress Anant Addons for Elementor plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2024-51851MEDIUMWordPress best bootstrap widgets for elementor plugin <= 1.0 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2024-2788MEDIUMHappy Addons for Elementor <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title HTML TagEPSS 0.4%CVE-2024-4569MEDIUMElementor Addon Elements <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2025-67998HIGHWordPress Miraculous Elementor plugin <= 2.0.7 - Broken Authentication vulnerabilityEPSS 0.4%CVE-2025-24578MEDIUMWordPress ElementInvader Addons for Elementor plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2024-2492MEDIUMPowerPack Addons for Elementor <= 2.7.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Tweet WidgetEPSS 0.4%CVE-2023-47661MEDIUMWordPress Dragfy Addons for Elementor plugin <= 1.0.2 - Broken Access Control + CSRF vulnerabilityEPSS 0.4%CVE-2025-8151MEDIUMHT Mega – Absolute Addons For Elementor <= 2.9.1 - Authenticated (Author+) Path Traversal to Limited Arbitrary CSS File ActionsEPSS 0.4%CVE-2026-4803HIGHRoyal Addons for Elementor <= 1.7.1056 - Unauthenticated Stored Cross-Site Scripting via 'status' Parameter in wpr_update_form_action_metaEPSS 0.4%CVE-2024-31236MEDIUMWordPress Royal Elementor Addons plugin <= 1.3.93 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2025-32135MEDIUMWordPress Split Test For Elementor plugin <= 1.8.4 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2024-31357MEDIUMWordPress Ultimate Store Kit Elementor Addons plugin <= 1.5.2 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2024-4876MEDIUMHT Mega – Absolute Addons For Elementor <= 2.5.2 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-4634MEDIUMElementor Header & Footer Builder <= 1.6.28 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-6340MEDIUMPremium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown WidgetEPSS 0.4%CVE-2026-6916MEDIUMJeg Kit for Elementor <= 3.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'sg_content_number_prefix' Shortcode AttributeEPSS 0.4%CVE-2023-32237MEDIUMAuth. Stored Cross-Site Scripting (XSS) vulnerability in TheGem theme by CodexThemesEPSS 0.4%CVE-2024-33633HIGHWordPress Piotnet Addons For Elementor Pro plugin <= 7.1.17 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%

← previouspage 28 / 77next →

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →