Known Vulnerabilities for Elementor Pro by Elementor
Listed below are 6 of the newest known vulnerabilities associated with "Elementor Pro" by "Elementor".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-61976 json | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Crocoblock JetBlocks For Elemento... | Not Provided | 2026-07-13 | 2026-07-13 |
| CVE-2026-59511 json | Insertion of Sensitive Information Into Sent Data vulnerability in Tim Strifler Exclusive Addons Elementor allows Retrieve Em... | Not Provided | 2026-07-05 | 2026-07-06 |
| CVE-2026-57804 json | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Code... | Not Provided | 2026-07-13 | 2026-07-13 |
| CVE-2026-57718 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Unlimited Elements Unli... | Not Provided | 2026-07-13 | 2026-07-13 |
| CVE-2026-57620 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tim Strifler Exclusive ... | Not Provided | 2026-06-26 | 2026-06-26 |
| CVE-2026-57619 json | Contributor Sensitive Data Exposure in Elementor Website Builder <= 4.1.3 versions. | Not Provided | 2026-06-25 | 2026-06-25 |
| CVE-2026-57376 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Element Invader Element... | Not Provided | 2026-07-13 | 2026-07-13 |
| CVE-2026-56028 json | Unauthenticated Privilege Escalation in Easy Elements for Elementor – Addons & Website Templates <= 1.4.9 versions. | Not Provided | 2026-06-26 | 2026-06-29 |
| CVE-2026-49782 json | Missing Authorization vulnerability in Elementor Elementor Website Builder allows Exploiting Incorrectly Configured Access Co... | Not Provided | 2026-06-02 | 2026-06-02 |
| CVE-2026-49765 json | Unauthenticated PHP Object Injection in Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.... | Not Provided | 2026-06-15 | 2026-06-15 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Elementor | Elementor Pro | 3.0.5 |