Exposure of Elementor
Page builders, WordPress plugins696
exposure score
960,635
sites use
0
exploited
46
critical
CVEs
1,530 resultsCVE-2021-24268—JetWidgets For Elementor < 1.0.9 - Contributor+ Stored XSSEPSS 0.6%CVE-2021-24256—Elementor - Header, Footer & Blocks Template < 1.5.8 - Contributor+ Stored XSSEPSS 0.6%CVE-2021-24266—The Plus Addons for Elementor Page Builder Lite < 2.0.6 - Contributor+ Stored XSSEPSS 0.6%CVE-2021-24264—Image Hover Effects - Elementor Addon < 1.3.4 - Contributor+ Stored XSSEPSS 0.6%CVE-2021-24255—Essential Addons for Elementor < 4.5.4 - Contributor+ Stored Cross-Site Scripting (XSS)EPSS 0.6%CVE-2023-39157CRITICALWordPress JetElements For Elementor Plugin <= 2.6.10 is vulnerable to Remote Code Execution (RCE)EPSS 0.6%CVE-2021-42360HIGHStarter Templates — Elementor, Gutenberg & Beaver Builder Templates <= 2.7.0 Authenticated Block Import to Stored XSSEPSS 0.6%CVE-2024-34812MEDIUMWordPress ShopBuilder plugin <= 2.1.8 - Sensitive Data Exposure vulnerabilityEPSS 0.6%CVE-2024-13408HIGHPost Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget <= 1.6.10 - Authenticated (Contributor+) Local File InclusionEPSS 0.6%CVE-2024-43140HIGHWordPress Ultimate Bootstrap Elements for Elementor plugin <= 1.4.4 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-0438MEDIUMHappy Addons for Elementor <= 3.10.1 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.6%CVE-2024-6434LOWPremium Addons for Elementor <= 4.10.35 - Regular Expressions Denial of ServiceEPSS 0.6%CVE-2023-0708MEDIUMMetform Elementor Contact Form Builder <= 3.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via mf_first_name shortcodeEPSS 0.6%CVE-2023-3709MEDIUMRoyal Elementor Addons <=1.3.70 - Unauthenticated MailChimp API Key DisclosureEPSS 0.6%CVE-2026-4326HIGHVertex Addons for Elementor <= 1.6.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation and Activation via 'afeb_activate_required_plugins'EPSS 0.6%CVE-2025-32158HIGHWordPress aThemes Addons for Elementor plugin <= 1.1.3 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-30496HIGHWordPress Element Pack Lite plugin <= 5.5.3 - SQL Injection vulnerabilityEPSS 0.6%CVE-2024-37520MEDIUMWordPress ShopBuilder – Elementor WooCommerce Builder Addons plugin <= 2.1.12 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-37462HIGHWordPress Ultimate Bootstrap Elements for Elementor plugin <= 1.4.2 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-1467MEDIUMStarter Templates — Elementor, WordPress & Beaver Builder Templates <= 4.1.6 - Authenticated (Contributor+) Server-Side Request ForgeryEPSS 0.6%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →