elementor
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting elementor.
- CVE-2026-49782WordPress Elementor Website Builder plugin <= 4.1.0 - Broken Access Control vulnerability5.4
- CVE-2026-32445WordPress Elementor Website Builder plugin <= 3.35.5 - Broken Access Control vulnerability2.7
- CVE-2026-32352WordPress Elementor Website Builder plugin <= 3.35.5 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2024-50555WordPress Elementor Website Builder plugin <= 3.29.0 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2026-25387WordPress Image Optimizer by Elementor plugin <= 1.7.1 - Broken Access Control vulnerability4.3
- CVE-2026-25386WordPress Ally plugin <= 4.0.2 - Broken Access Control vulnerability5.3
- CVE-2025-67588WordPress Elementor Website Builder plugin <= 3.33.0 - Broken Access Control vulnerability4.3
- CVE-2025-8081Elementor <= 3.30.2 - Authenticated (Administrator+) Arbitrary File Read via Image Import4.9
- CVE-2025-3075Elementor <= 3.29.0 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4
- CVE-2025-3076Elementor Pro <= 3.29.0 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4
- CVE-2025-32640WordPress One Click Accessibility plugin <= 3.1.0 - Cross-Site Scripting (XSS) vulnerability5.9
- CVE-2025-1319Site Mailer <= 1.2.3 - Unauthenticated Stored Cross-Site Scripting6.4
- CVE-2024-54444WordPress Elementor plugin <= 3.25.10 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2024-13445Elementor Website Builder – More Than Just a Page Builder <= 3.27.4 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4
- CVE-2024-8494Elementor Website Builder Pro – More than Just a Page Builder <= 3.25.10 - Authenticated (Contributor+) Sensitive Information Exposure via Shortcode4.3