12420 matches found
EUVD-2026-40909
The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.0.21. This is due to insufficient output escaping and missing server-side validation of the Animated Box widget's animationeffect setting before it is rendered inside a...
CVE-2026-11380 JetWidgets For Elementor <= 1.0.21 - Authenticated (Author+) Stored Cross-Site Scripting via Animated Box 'animation_effect' Setting
The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.0.21. This is due to insufficient output escaping and missing server-side validation of the Animated Box widget's animationeffect setting before it is rendered inside a...
WordPress JetWidgets For Elementor plugin <= 1.0.21 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability
Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin JetWidgets For Elementor versions = 1.0.21...
EUVD-2025-210353
Contributor Broken Access Control in Live Copy Paste for Elementor = 1.5.3 versions...
CVE-2026-56028
Unauthenticated Privilege Escalation in Easy Elements for Elementor Addons & Website Templates = 1.4.9 versions...
CVE-2025-63079
Contributor Broken Access Control in Live Copy Paste for Elementor = 1.5.3 versions...
EUVD-2026-39691
Unauthenticated Privilege Escalation in Easy Elements for Elementor Addons & Website Templates = 1.4.9 versions...
CVE-2026-56028 WordPress Easy Elements for Elementor – Addons & Website Templates plugin <= 1.4.9 - Privilege Escalation vulnerability
Unauthenticated Privilege Escalation in Easy Elements for Elementor Addons & Website Templates = 1.4.9 versions...
CVE-2026-56028
CVE-2026-56028 describes an unauthenticated privilege-escalation vulnerability in the WordPress plugin Easy Elements for Elementor – Addons & Website Templates (versions
CVE-2025-63079
CVE-2025-63079 concerns the WordPress plugin Live Copy Paste for Elementor (versions
CVE-2025-63079 WordPress Live Copy Paste for Elementor plugin <= 1.5.3 - Broken Access Control vulnerability
Contributor Broken Access Control in Live Copy Paste for Elementor = 1.5.3 versions...
WordPress Live Copy Paste for Elementor plugin <= 1.5.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by MD ISMAIL in WordPress Plugin Live Copy Paste for Elementor versions = 1.5.4...
CVE-2026-57620
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tim Strifler Exclusive Addons Elementor allows Stored XSS. This issue affects Exclusive Addons Elementor: from n/a through 2.7.9.8...
CVE-2026-57620 WordPress Exclusive Addons Elementor plugin <= 2.7.9.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tim Strifler Exclusive Addons Elementor allows Stored XSS. This issue affects Exclusive Addons Elementor: from n/a through 2.7.9.8...
EUVD-2026-39649
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tim Strifler Exclusive Addons Elementor allows Stored XSS. This issue affects Exclusive Addons Elementor: from n/a through 2.7.9.8...
CVE-2026-57620
CVE-2026-57620 affects the WordPress plugin Exclusive Addons for Elementor (Tim Strifler) up to version 2.7.9.8. The issue is a Stored XSS caused by improper neutralization of input during web page generation. The vulnerability affects Exclusive Addons Elementor; no explicit exploit details or re...
WordPress Exclusive Addons Elementor plugin <= 2.7.9.8 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Exclusive Addons Elementor versions = 2.7.9.8...
PT-2026-52744
Name of the Vulnerable Software and Affected Versions Easy Elements for Elementor – Addons & Website Templates versions prior to 1.5.0 Description An unauthenticated privilege escalation issue exists, allowing an attacker to gain higher-level permissions without providing valid credentials...
PT-2026-52711
Name of the Vulnerable Software and Affected Versions Live Copy Paste for Elementor versions prior to 1.5.4 Description Broken access control allows users with the Contributor role to perform unauthorized actions. Recommendations Update Live Copy Paste for Elementor to version 1.5.4 or later...
EUVD-2026-39361
Contributor Sensitive Data Exposure in Elementor Website Builder = 4.1.3 versions...