The plus addons for elementor
This hub aggregates every CVE we track for The plus addons for elementor, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
37
CVEs tracked
2
Critical
4
High
0
In CISA KEV
Severity distribution
MEDIUM31HIGH4CRITICAL2
Monthly trend
1
3
1
1
2
1
0
1
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting The plus addons for elementor.
- CVE-2025-1287The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 6.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets6.4
- CVE-2024-11829The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 6.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4
- CVE-2024-53823WordPress The Plus Addons for Elementor plugin <= 5.6.14 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2024-10365The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 6.0.3 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates4.3
- CVE-2024-43932WordPress The Plus Addons for Elementor plugin <= 5.6.2 - Broken Access Control vulnerability6.5
- CVE-2024-8913The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.11 - Authenticated (Contributor+) Sensitive Information Exposure via content_template4.3
- CVE-2024-43977WordPress The Plus Addons for Elementor plugin <= 5.6.2 - Cross Site Scripting (XSS) vulnerability5.9
- CVE-2024-5583The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonials Widget Settings6.4
- CVE-2024-6575The Plus Addons for Elementor <= 5.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via TP Page Scroll Widget6.4
- CVE-2024-5763The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Widget6.4
- CVE-2024-4482The Plus Addons for Elementor <= 5.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget6.4
- CVE-2024-4983The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.0- Authenticated (Contributor+) Stored Cross-Site Scripting6.4
- CVE-2024-5455The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.5.6 - Authenticated (Contributor+) Local File Inclusion8.8
- CVE-2024-5344The Plus Addons for Elementor Page Builder <= 5.5.6 - Reflected Cross-Site Scripting via WP Login and Register Widget6.1
- CVE-2024-35709WordPress The Plus Addons for Elementor plugin <= 5.5.4 - Cross Site Scripting (XSS) vulnerability6.5
Product normalization is registry-driven with AI assist and human review. How it works