Essential addons for elementor

This hub aggregates every CVE we track for Essential addons for elementor, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.

Web & CMS Plugins

CVEs tracked

Critical

High

In CISA KEV

Severity distribution

MEDIUM47HIGH7CRITICAL2LOW1

Monthly trend

2024-072026-06

Latest CVEs

See all →

The 15 most recently published vulnerabilities affecting Essential addons for elementor.

CVE-2026-25440WordPress Essential Addons for Elementor plugin < 6.6.0 - Broken Access Control vulnerability5.3Jun 15, 2026
CVE-2026-23543WordPress Essential Addons for Elementor plugin <= 6.5.5 - Broken Access Control vulnerability5.3Feb 19, 2026
CVE-2025-69092WordPress Essential Addons for Elementor plugin <= 6.5.3 - Cross Site Scripting (XSS) vulnerability6.5Dec 30, 2025
CVE-2025-64352WordPress Essential Addons for Elementor plugin <= 6.2.4 - Broken Access Control vulnerability2.7Oct 31, 2025
CVE-2025-6244Essential Addons for Elementor – Popular Elementor Templates and Widgets <= 6.1.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via `Calendar` And `Business Reviews` Widgets6.4Jul 8, 2025
CVE-2024-9993Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 6.1.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via Event Calendar Widget6.4Jun 7, 2025
CVE-2024-9994Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 6.1.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via Pricing Table Widget6.4Jun 7, 2025
CVE-2025-24752WordPress Essential Addons for Elementor plugin <= 6.0.14 - Reflected Cross Site Scripting (XSS) vulnerability7.1Apr 17, 2025
CVE-2025-39589WordPress Essential Addons for Elementor plugin <= 6.1.9 - Sensitive Data Exposure Vulnerability4.3Apr 16, 2025
CVE-2025-39590WordPress Essential Addons for Elementor plugin <= 6.1.9 - Cross Site Scripting (XSS) Vulnerability6.5Apr 16, 2025
CVE-2024-56063WordPress Essential Addons for Elementor plugin <= 6.0.7 - Cross Site Scripting (XSS) vulnerability6.5Dec 31, 2024
CVE-2024-8978Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders <= 6.0.9 - Authenticated (Contributor+) Sensitive Information Exposure5.7Nov 15, 2024
CVE-2024-8979Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders <= 6.0.9 - Authenticated (Author+) Sensitive Information Exposure to Privilege Escalation8.0Nov 15, 2024
CVE-2024-8961Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders <= 6.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4Nov 15, 2024
CVE-2021-4447Essential Addons for Elementor <= 4.6.4 - Authenticated (Contributor+) Privilege Escalation8.8Oct 16, 2024

Product normalization is registry-driven with AI assist and human review. How it works