Elementor
Starter Templates Vulnerability – Authenticated (Author+) Arbitrary File Upload via WXR Upload Bypass – CVE-2025-13065 | WordPress Plugin Vulnerability Report
Plugin Name: Starter Templates – AI-Powered Templates for Elementor & Gutenberg Key Information: Software Type: PluginSoftware Slug: astra-sitesSoftware Status: ActiveSoftware Author: brainstormforceSoftware Downloads: 86,521,101Active Installs: 2,000,000Last Updated: December 6, 2025Patched Versions: 4.4.42Affected Versions: ≤ 4.4.41 Vulnerability Details: Name: Starter Templates ≤ 4.4.41 – Authenticated (Author+) Arbitrary File Upload via WXR Upload BypassTitle: Authenticated (Author+) Arbitrary…
Happy Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via PDF View Widget – CVE-2024-6627 | WordPress Plugin Vulnerability Report
Plugin Name: Happy Addons for Elementor Key Information: Software Type: Plugin Software Slug: happy-elementor-addons Software Status: Active Software Author: thehappymonster Software Downloads: 7,563,441 Active Installs: 400,000 Last Updated: July 29, 2024 Patched Versions: 3.11.3 Affected Versions: <= 3.11.2 Vulnerability Details: Name: Happy Addons for Elementor <= 3.11.2 Type: Authenticated (Contributor+) Stored Cross-Site Scripting via PDF…
Royal Elementor Addons and Templates Vulnerability – Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Magazine Grid/Slider Widget – CVE-2024-5818 | WordPress Plugin Vulnerability Report
Plugin Name: Royal Elementor Addons and Templates Key Information: Software Type: Plugin Software Slug: royal-elementor-addons Software Status: Active Software Author: wproyal Software Downloads: 6,367,071 Active Installs: 400,000 Last Updated: July 29, 2024 Patched Versions: 1.3.981 Affected Versions: <= 1.3.980 Vulnerability Details: Name: Royal Elementor Addons and Templates <= 1.3.980 Type: Authenticated (Contributor+) DOM-Based Stored Cross-Site…
ElementsKit Elementor Addons Vulnerability – Unauthenticated Information Exposure via ekit_widgetarea_content Function – CVE-2024-6455 | WordPress Plugin Vulnerability Report
Plugin Name: ElementsKit Elementor addons Key Information: Software Type: Plugin Software Slug: elementskit-lite Software Status: Active Software Author: xpeedstudio Software Downloads: 21,730,790 Active Installs: 1,000,000 Last Updated: July 29, 2024 Patched Versions: 3.2.1 Affected Versions: <= 3.2.0 Vulnerability Details: Name: ElementsKit Elementor addons <= 3.2.0 Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE: CVE-2024-6455 CVSS Score: 5.4 Publicly Published: July…
Premium Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Animated Text Widget – CVE-2024-6495 | WordPress Plugin Vulnerability Report
Plugin Name: Premium Addons for Elementor Key Information: Software Type: Plugin Software Slug: premium-addons-for-elementor Software Status: Active Software Author: leap13 Software Downloads: 33,726,442 Active Installs: 700,000 Last Updated: July 27, 2024 Patched Versions: 4.10.37 Affected Versions: <= 4.10.36 Vulnerability Details: Name: Premium Addons for Elementor <= 4.10.36 Type: Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via…
Elementor Header & Footer Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-33933 | WordPress Plugin Vulnerability Report
Plugin name: Elementor Header & Footer Builder Key Information: Software Type: Plugin Software Slug: header-footer-elementor Software Status: Active Software Author: brainstormforce Software Downloads: 30,625,064 Active Installs: 2,000,000 Last Updated: July 27, 2024 Patched Versions: NA Affected Versions: <= 1.6.35 Vulnerability Details: Name: Elementor – Header, Footer & Blocks Template <= 1.6.35 Title: Authenticated (Contributor+) Stored…
The Plus Addons for Elementor Vulnerability – Multiple Authenticated (Contributor+) Stored Cross-Site Scripting Vulnerabilities – CVE-2024-4485, CVE-2024-4484, CVE-2024-3718, CVE-2024-2784 | WordPress Plugin Vulnerability Report
Plugin Name: The Plus Addons for Elementor Key Information: Software Type: Plugin Software Slug: the-plus-addons-for-elementor-page-builder Software Status: Active Software Author: posimyththemes Software Downloads: 2,380,817 Active Installs: 100,000 Last Updated: May 23, 2024 Patched Versions: 5.5.5 Affected Versions: <= 5.5.4 Vulnerability Details: Name: Multiple Authenticated (Contributor+) Stored Cross-Site Scripting Vulnerabilities Type: Improper Neutralization of Input During…
Happy Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-5088, CVE-2024-4865 | WordPress Plugin Vulnerability Report
Plugin Name: Happy Addons for Elementor Key Information: Software Type: Plugin Software Slug: happy-elementor-addons Software Status: Active Software Author: thehappymonster Software Downloads: 6,974,697 Active Installs: 400,000 Last Updated: May 17, 2024 Patched Versions: 3.10.9 Affected Versions: <= 3.10.8 Vulnerability Details: Name: Happy Addons for Elementor <= 3.10.8 – Authenticated (Contributor+) Stored Cross-Site Scripting Type: Improper…
Sina Extension for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-site Scriping via ‘Sina Particle Layer’ – CVE-2024-4373 | WordPress Plugin Vulnerability Report
Plugin Name: Sina Extension for Elementor Key Information: Software Type: Plugin Software Slug: sina-extension-for-elementor Software Status: Active Software Author: shaonsina Software Downloads: 550,459 Active Installs: 50,000 Last Updated: May 14, 2024 Patched Versions: 3.5.4 Affected Versions: <= 3.5.3 Vulnerability Details: Name: Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor…
Exclusive Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Team Member Widget – CVE-2024-4618 | WordPress Plugin Vulnerability Report
Plugin Name: Exclusive Addons for Elementor Key Information: Software Type: Plugin Software Slug: exclusive-addons-for-elementor Software Status: Active Software Author: timstrifler Software Downloads: 870,318 Active Installs: 60,000 Last Updated: May 14, 2024 Patched Versions: 2.6.9.7 Affected Versions: <= 2.6.9.6 Vulnerability Details: Name: Exclusive Addons for Elementor <= 2.6.9.6 – Authenticated (Contributor+) Stored Cross-Site Scripting via Team…