ReportizFlow
Filtered by vendor Elementor
Subscriptions
Total
153 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-46434 | 3 Elementor, Posimyth, Wordpress | 3 Elementor, The Plus Addons For Elementor, Wordpress | 2026-04-29 | 6.5 Medium |
| Missing Authorization vulnerability in POSIMYTH Innovation The Plus Addons for Elementor Pro theplus_elementor_addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Plus Addons for Elementor Pro: from n/a through < 6.3.7. | ||||
| CVE-2023-35050 | 2 Elementor, Wordpress | 2 Elementor Pro, Wordpress | 2026-04-28 | 5.4 Medium |
| Missing Authorization vulnerability in Elementor Elementor Pro.This issue affects Elementor Pro: from n/a through 3.13.0. | ||||
| CVE-2026-24386 | 3 Elementinvader, Elementor, Wordpress | 3 Template Kits For Elementor, Elementor, Wordpress | 2026-04-28 | 4.3 Medium |
| Missing Authorization vulnerability in Element Invader Element Invader – Template Kits for Elementor elementinvader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Element Invader – Template Kits for Elementor: from n/a through <= 1.2.4. | ||||
| CVE-2025-68981 | 3 Designthemes, Elementor, Wordpress | 3 Homefix Elementor Portfolio, Elementor, Wordpress | 2026-04-28 | 5.3 Medium |
| Missing Authorization vulnerability in designthemes HomeFix Elementor Portfolio homefix-ele-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HomeFix Elementor Portfolio: from n/a through <= 1.0.1. | ||||
| CVE-2025-63033 | 3 Elementor, Riyadh Ahmed, Wordpress | 3 Elementor, Make Section And Column Clickable For Elementor, Wordpress | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Riyadh Ahmed Make Section & Column Clickable For Elementor make-section-column-clickable-elementor allows Stored XSS.This issue affects Make Section & Column Clickable For Elementor: from n/a through <= 2.4. | ||||
| CVE-2025-60084 | 3 Add-ons.org, Elementor, Wordpress | 3 Pdf-for-elementor-forms, Elementor, Wordpress | 2026-04-28 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Object Injection.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through <= 6.5.0. | ||||
| CVE-2024-32681 | 2 Bdthemes, Elementor | 2 Prime Slider, Elementor | 2026-04-28 | 4.3 Medium |
| Missing Authorization vulnerability in BdThemes Prime Slider – Addons For Elementor.This issue affects Prime Slider – Addons For Elementor: from n/a through 3.13.2. | ||||
| CVE-2023-48777 | 1 Elementor | 1 Website Builder | 2026-04-28 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Elementor.Com Elementor Website Builder.This issue affects Elementor Website Builder: from 3.3.0 through 3.18.1. | ||||
| CVE-2023-47504 | 1 Elementor | 1 Website Builder | 2026-04-28 | 6.5 Medium |
| Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Elementor Website Builder: from n/a through 3.16.4. | ||||
| CVE-2023-47505 | 1 Elementor | 1 Website Builder | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor.Com Elementor allows Cross-Site Scripting (XSS).This issue affects Elementor: from n/a through 3.16.4. | ||||
| CVE-2023-32238 | 3 Codexthemes, Elementor, Wordpress | 3 Thegem, Elementor, Wordpress | 2026-04-28 | 5.4 Medium |
| Vulnerability in CodexThemes TheGem (Elementor), CodexThemes TheGem (WPBakery).This issue affects TheGem (Elementor): from n/a before 5.8.1.1; TheGem (WPBakery): from n/a before 5.8.1.1. | ||||
| CVE-2025-62889 | 3 Elementor, Kingaddons, Wordpress | 3 Elementor, King Addons For Elementor, Wordpress | 2026-04-27 | 6.5 Medium |
| Missing Authorization vulnerability in KingAddons.com King Addons for Elementor king-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects King Addons for Elementor: from n/a through <= 51.1.61. | ||||
| CVE-2025-63055 | 3 Elementor, Liton Arefin, Wordpress | 3 Elementor, Master Addons For Elementor, Wordpress | 2026-04-24 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Liton Arefin Master Addons for Elementor master-addons allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through <= 2.0.9.9.4. | ||||
| CVE-2025-63077 | 3 Elementor, Happymonster, Wordpress | 3 Elementor, Happy Addons For Elementor, Wordpress | 2026-04-24 | 4.3 Medium |
| Missing Authorization vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Happy Addons for Elementor: from n/a through <= 3.20.3. | ||||
| CVE-2025-64244 | 3 Codexpert, Elementor, Wordpress | 3 Restrict Elementor Widgets Columns And Sections, Elementor, Wordpress | 2026-04-24 | 4.3 Medium |
| Missing Authorization vulnerability in Codexpert, Inc Restrict Elementor Widgets, Columns and Sections restrict-elementor-widgets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restrict Elementor Widgets, Columns and Sections: from n/a through <= 1.12. | ||||
| CVE-2025-68532 | 3 Elementor, Modeltheme, Wordpress | 3 Elementor, Addons For Wpbakery And Elementor, Wordpress | 2026-04-24 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in modeltheme ModelTheme Addons for WPBakery and Elementor modeltheme-addons-for-wpbakery allows Stored XSS.This issue affects ModelTheme Addons for WPBakery and Elementor: from n/a through < 1.5.6. | ||||
| CVE-2025-63026 | 3 Elementor, Themegoods, Wordpress | 3 Elementor, Grand Restaurant, Wordpress | 2026-04-24 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Restaurant Theme Elements for Elementor grandrestaurant-elementor allows Stored XSS.This issue affects Grand Restaurant Theme Elements for Elementor: from n/a through <= 2.1.1. | ||||
| CVE-2026-24390 | 3 Elementor, Qantumthemes, Wordpress | 3 Elementor, Kentha Elementor Widgets, Wordpress | 2026-04-24 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in QantumThemes Kentha Elementor Widgets kentha-elementor allows PHP Local File Inclusion.This issue affects Kentha Elementor Widgets: from n/a through < 3.1. | ||||
| CVE-2026-25387 | 2 Elementor, Wordpress | 2 Image Optimizer By Elementor, Wordpress | 2026-04-24 | 4.3 Medium |
| Missing Authorization vulnerability in Elementor Image Optimizer by Elementor image-optimization allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Optimizer by Elementor: from n/a through <= 1.7.1. | ||||
| CVE-2025-68560 | 3 Codexthemes, Elementor, Wordpress | 3 Thegem, Elementor, Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CodexThemes TheGem Theme Elements (for Elementor) thegem-elements-elementor.This issue affects TheGem Theme Elements (for Elementor): from n/a through <= 5.10.5.1. | ||||