Exposure of Elementor
Page builders, WordPress plugins702
exposure score
960,635
sites use
0
exploited
46
critical
CVEs
1,532 resultsCVE-2024-3645MEDIUMEssential Addons for Elementor Pro <= 5.8.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title_html_tag'EPSS 0.3%CVE-2025-2228MEDIUMResponsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates <= 1.6.8 - Authenticated (Contributor+) Sensitive Information ExposureEPSS 0.3%CVE-2023-0086MEDIUMJetWidgets for Elementor <= 1.0.12 - Cross-Site Request Forgery to Settings UpdateEPSS 0.3%CVE-2025-69312CRITICALWordPress Xpro Elementor Addons plugin <= 1.4.19.1 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2024-50543MEDIUMWordPress amazing neo icon font for elementor plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2024-4376MEDIUMPremium Addons for Elementor <= 4.10.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text WidgetEPSS 0.3%CVE-2024-5790MEDIUMHappy Addons for Elementor <= 3.11.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gradient Heading WidgetEPSS 0.3%CVE-2025-1005MEDIUMElementsKit Elementor addons <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion WidgetEPSS 0.3%CVE-2024-4606MEDIUMWordPress Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder plugin <= 2.0.3 - PHP Object Injection vulnerabilityEPSS 0.3%CVE-2025-39589MEDIUMWordPress Essential Addons for Elementor plugin <= 6.1.9 - Sensitive Data Exposure VulnerabilityEPSS 0.3%CVE-2025-69356HIGHWordPress TheGem Theme Elements (for Elementor) plugin <= 5.11.0 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2024-12340MEDIUMAnimation Addons for Elementor <= 1.1.6 - Authenticated (Contributor+) Sensitive Information Exposure via Content Slider and Tabs Widget Elementor TemplateEPSS 0.3%CVE-2024-24846HIGHWordPress Mighty Addons for Elementor Plugin <= 1.9.3 is vulnerable to Cross Site Scripting (XSS)EPSS 0.3%CVE-2025-3103HIGHCLEVER - HTML5 Radio Player With History - Shoutcast and Icecast - Elementor Widget Addon <= 2.4 - Unauthenticated Arbitrary File ReadEPSS 0.3%CVE-2024-5347MEDIUMHappy Addons for Elementor <= 3.10.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Navigation WidgetEPSS 0.3%CVE-2024-2350MEDIUMClever Addons for Elementor <= 2.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple CAFE WidgetsEPSS 0.3%CVE-2024-0845MEDIUMPDF Viewer for Elementor <= 2.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via renderEPSS 0.3%CVE-2024-4669MEDIUMEvents Addon for Elementor <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple WidgetsEPSS 0.3%CVE-2024-4478MEDIUMHappy Addons for Elementor <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Stack Group WidgetEPSS 0.3%CVE-2024-5073MEDIUMEssential Addons for Elementor <= 5.9.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter FeedEPSS 0.3%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →