Premium addons for elementor
This hub aggregates every CVE we track for Premium addons for elementor, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
37
CVEs tracked
0
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM35LOW1HIGH1
Monthly trend
4
1
1
2
0
1
0
0
0
0
0
1
1
0
0
0
0
3
1
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Premium addons for elementor.
- CVE-2025-69300WordPress Premium Addons for Elementor plugin <= 4.11.63 - Settings Change vulnerability5.4
- CVE-2025-68494WordPress Premium Addons for Elementor plugin <= 4.11.53 - Sensitive Data Exposure vulnerability5.3
- CVE-2025-14163Premium Addons for Elementor <= 4.11.53 - Cross-Site Request Forgery via 'insert_inner_template'4.3
- CVE-2025-14155Premium Addons for Elementor <= 4.11.53 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'get_template_content'5.3
- CVE-2024-11937Premium Addons for Elementor <= 4.10.69 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4
- CVE-2025-4774Premium Addons for Elementor <= 4.11.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget6.4
- CVE-2024-56225WordPress Premium Addons for Elementor plugin <= 4.10.56 - Broken Access Control vulnerability5.4
- CVE-2024-10266Premium Addons for Elementor <= 4.10.60 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Video Box Widget6.4
- CVE-2021-4445Premium Addons for Elementor <= 4.5.1 - Authenticated (Subscriber+) Limited Arbitrary Option Update6.5
- CVE-2024-8681Premium Addons for Elementor <= 4.10.52 - Authenticated (Contributor+) Stored Cross-Site Scripting via Media Grid Widget6.4
- CVE-2024-6824Premium Addons for Elementor <= 4.10.38 - Missing Authorization to Authenticated (Contributor+) Arbitrary Content Deletion and Arbitrary Title Update4.3
- CVE-2024-37922WordPress Premium Addons for Elementor plugin <= 4.10.34 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2024-6495Premium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Animated Text Widget6.4
- CVE-2024-6434Premium Addons for Elementor <= 4.10.35 - Regular Expressions Denial of Service3.1
- CVE-2024-6340Premium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget6.4
Product normalization is registry-driven with AI assist and human review. How it works