Filtered by vendor Elementor
Subscriptions
Filtered by product Elementor
Subscriptions
Total
94 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-68560 | 3 Codexthemes, Elementor, Wordpress | 3 Thegem, Elementor, Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CodexThemes TheGem Theme Elements (for Elementor) thegem-elements-elementor.This issue affects TheGem Theme Elements (for Elementor): from n/a through <= 5.10.5.1. | ||||
| CVE-2025-68559 | 3 Codexthemes, Elementor, Wordpress | 3 Thegem, Elementor, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem Theme Elements (for Elementor) thegem-elements-elementor.This issue affects TheGem Theme Elements (for Elementor): from n/a through <= 5.10.5.1. | ||||
| CVE-2025-62094 | 3 Elementor, Voidthemes, Wordpress | 3 Elementor, Void Elementor Whmcs Elements For Elementor Page Builder, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in voidthemes Void Elementor WHMCS Elements For Elementor Page Builder void-elementor-whmcs-elements.This issue affects Void Elementor WHMCS Elements For Elementor Page Builder: from n/a through <= 2.0.1.2. | ||||
| CVE-2025-60167 | 3 Elementor, Honzat, Wordpress | 3 Elementor, Page Manager For Elementor, Wordpress | 2026-04-01 | N/A |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in honzat Page Manager for Elementor page-manager-for-elementor allows Retrieve Embedded Sensitive Data.This issue affects Page Manager for Elementor: from n/a through <= 2.0.5. | ||||
| CVE-2025-60112 | 3 Athemes, Elementor, Wordpress | 3 Athemes Addons For Elementor, Elementor, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi aThemes Addons for Elementor athemes-addons-for-elementor-lite allows Stored XSS.This issue affects aThemes Addons for Elementor: from n/a through <= 1.1.2. | ||||
| CVE-2025-60096 | 3 Codexthemes, Elementor, Wordpress | 3 Thegem, Elementor, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in CodexThemes TheGem (Elementor) thegem-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TheGem (Elementor): from n/a through <= 5.10.5. | ||||
| CVE-2025-59592 | 3 Elementor, Fernando Acosta, Wordpress | 3 Elementor, Make Column Clickable Elementor, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fernando Acosta Make Column Clickable Elementor make-column-clickable-elementor allows Stored XSS.This issue affects Make Column Clickable Elementor: from n/a through <= 1.6.0. | ||||
| CVE-2025-59553 | 2 Elementor, Wordpress | 2 Elementor, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Coderz Studio Custom iFrame for Elementor custom-iframe allows DOM-Based XSS.This issue affects Custom iFrame for Elementor: from n/a through <= 1.0.13. | ||||
| CVE-2025-58254 | 3 Dtbaker, Elementor, Wordpress | 3 Stylepress, Elementor, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dtbaker StylePress for Elementor full-site-builder-for-elementor allows Stored XSS.This issue affects StylePress for Elementor: from n/a through <= 1.2.1. | ||||
| CVE-2025-58251 | 3 Elementor, Posimyth, Wordpress | 3 Elementor, Sticky Header Effects, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in POSIMYTH Sticky Header Effects for Elementor sticky-header-effects-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sticky Header Effects for Elementor: from n/a through <= 2.1.2. | ||||
| CVE-2025-57939 | 3 Blocksera, Elementor, Wordpress | 3 Image Hover Effects, Elementor, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Blocksera Image Hover Effects – Elementor Addon image-hover-effects-addon-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Hover Effects – Elementor Addon: from n/a through <= 1.4.4. | ||||
| CVE-2025-54712 | 3 Elementor, Hashthemes, Wordpress | 3 Elementor, Easy Elementor Addons, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Elementor Addons: from n/a through <= 2.2.7. | ||||
| CVE-2025-54704 | 3 Elementor, Hashthemes, Wordpress | 3 Elementor, Easy Elementor Addons, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows DOM-Based XSS.This issue affects Easy Elementor Addons: from n/a through <= 2.2.6. | ||||
| CVE-2025-53230 | 2 Elementor, Wordpress | 2 Elementor, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in honzat Page Manager for Elementor page-manager-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page Manager for Elementor: from n/a through <= 2.0.5. | ||||
| CVE-2025-49387 | 2 Elementor, Wordpress | 2 Elementor, Wordpress | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in add-ons.org Drag and Drop File Upload for Elementor Forms drag-and-drop-file-upload-for-elementor-forms allows Upload a Web Shell to a Web Server.This issue affects Drag and Drop File Upload for Elementor Forms: from n/a through <= 1.5.3. | ||||
| CVE-2025-48354 | 2 Elementor, Wordpress | 2 Elementor, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Smart Widgets Better Post & Filter Widgets for Elementor better-post-filter-widgets-for-elementor allows Stored XSS.This issue affects Better Post & Filter Widgets for Elementor: from n/a through <= 1.6.1. | ||||
| CVE-2025-63077 | 3 Elementor, Happymonster, Wordpress | 3 Elementor, Happy Addons For Elementor, Wordpress | 2026-04-01 | 4.3 Medium |
| Missing Authorization vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Happy Addons for Elementor: from n/a through <= 3.20.3. | ||||
| CVE-2025-63055 | 3 Elementor, Liton Arefin, Wordpress | 3 Elementor, Master Addons For Elementor, Wordpress | 2026-04-01 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Liton Arefin Master Addons for Elementor master-addons allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through <= 2.0.9.9.4. | ||||
| CVE-2025-63033 | 3 Elementor, Riyadh Ahmed, Wordpress | 3 Elementor, Make Section And Column Clickable For Elementor, Wordpress | 2026-04-01 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Riyadh Ahmed Make Section & Column Clickable For Elementor make-section-column-clickable-elementor allows Stored XSS.This issue affects Make Section & Column Clickable For Elementor: from n/a through <= 2.4. | ||||
| CVE-2025-62923 | 3 Debuggers Studio, Elementor, Wordpress | 3 Marquee Addons For Elementor, Elementor, Wordpress | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Debuggers Studio Marquee Addons for Elementor marquee-addons-for-elementor allows DOM-Based XSS.This issue affects Marquee Addons for Elementor: from n/a through <= 3.8.2. | ||||