Known Vulnerabilities for products from Elementor

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Elementor".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2021-42360 On sites that also had the Elementor plugin for WordPress installed, it was possible for users with the edit_posts capability... 5.4 - MEDIUM 2021-11-17 2021-11-17
CVE-2021-25027 The PowerPack Addons for Elementor WordPress plugin before 2.6.2 does not escape the tab parameter before outputting it back ... 6.1 - MEDIUM 2022-01-03 2022-01-03
CVE-2021-24967 The Contact Form & Lead Form Elementor Builder WordPress plugin before 1.6.4 does not sanitise and escape some lead values, w... 6.1 - MEDIUM 2021-12-27 2021-12-27
CVE-2021-24949 The "WP Search Filters" widget of The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not sanitise and esc... 9.8 - CRITICAL 2022-01-10 2022-01-10
CVE-2021-24948 The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not validate the qvquery parameter of the tp_get_dl_po... 7.5 - HIGH 2022-01-10 2022-01-10
CVE-2021-24891 The Elementor Website Builder WordPress plugin before 3.4.8 does not sanitise or escape user input appended to the DOM via a ... 6.1 - MEDIUM 2021-11-23 2021-12-15
CVE-2021-24206 In the Elementor Website Builder WordPress plugin before 3.1.4, the image box widget (includes/widgets/image-box.php) accepts... 5.4 - MEDIUM 2021-04-05 2021-04-09
CVE-2021-24205 In the Elementor Website Builder WordPress plugin before 3.1.4, the icon box widget (includes/widgets/icon-box.php) accepts a... 5.4 - MEDIUM 2021-04-05 2021-04-09
CVE-2021-24204 In the Elementor Website Builder WordPress plugin before 3.1.4, the accordion widget (includes/widgets/accordion.php) accepts... 5.4 - MEDIUM 2021-04-05 2021-04-09
CVE-2021-24203 In the Elementor Website Builder WordPress plugin before 3.1.4, the divider widget (includes/widgets/divider.php) accepts an ... 5.4 - MEDIUM 2021-04-05 2021-04-09
CVE-2021-24202 In the Elementor Website Builder WordPress plugin before 3.1.4, the heading widget (includes/widgets/heading.php) accepts a ... 5.4 - MEDIUM 2021-04-05 2021-04-09
CVE-2021-24201 In the Elementor Website Builder WordPress plugin before 3.1.4, the column element (includes/elements/column.php) accepts an ... 5.4 - MEDIUM 2021-04-05 2021-04-09
CVE-2020-36171 The Elementor Website Builder plugin before 3.0.14 for WordPress does not properly restrict SVG uploads. 6.1 - MEDIUM 2021-01-06 2021-01-11
CVE-2020-26596 The Dynamic OOO widget for the Elementor Pro plugin through 3.0.5 for WordPress allows remote authenticated users to execute ... 8.8 - HIGH 2020-10-07 2021-07-21
CVE-2020-20634 Elementor 2.9.5 and below WordPress plugin allows authenticated users to activate its safe mode feature. This can be exploite... 6.5 - MEDIUM 2020-08-21 2021-07-21
CVE-2020-20406 A stored XSS vulnerability exists in the Custom Link Attributes control Affect function in Elementor Page Builder 2.9.2 and e... 5.4 - MEDIUM 2020-09-16 2020-09-18
CVE-2020-15020 An issue was discovered in the Elementor plugin through 2.9.13 for WordPress. An authenticated attacker can achieve stored XS... 5.4 - MEDIUM 2020-08-31 2020-09-04
CVE-2020-13865 The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user... 5.4 - MEDIUM 2020-06-05 2020-06-09
CVE-2020-13864 The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. An author user can crea... 5.4 - MEDIUM 2020-06-05 2020-06-09
CVE-2020-13126 An issue was discovered in the Elementor Pro plugin before 2.9.4 for WordPress, as exploited in the wild in May 2020 in conju... 9.9 - CRITICAL 2020-05-17 2020-08-25

Known software with vulnerabilities from Elementor

Type Vendor Product Version
ApplicationElementorElementor-
ApplicationElementorElementor Page Builder-
ApplicationElementorElementor Pro3.0.5
ApplicationElementorPage Builder2.9.0
ApplicationElementorWebsite Builder-

Popular searches for "Elementor"

Elementor: #1 Free WordPress Website Builder | Elementor.com

elementor.com

@ elementorforum.com/goto/elementor winningwp.com/sb-ref/elementor kb.oboxthemes.com/go/elementor-docs-menu wpdeveloper.net/go/elementor www.nichepursuits.com/elementor elementor.com/?campaign=VK-footer-thembuilder saibafazertudo.com.br/elementor-pro-pagina-indicamos bit.ly/elementor-pro-desconto www.affiliatemarketing-italia.com/elementor WordPress Website Design Plug-in (computing) Web design Free software Workflow Drag and drop Marketing Communication design Graphic design Programmer Pop-up ad Tutorial Blog Process (computing) Installation (computer programs) Create (TV network) Build (developer conference) Theme (computing)