12422 matches found
EUVD-2026-37668
Contributor Arbitrary File Upload in Unlimited Elements for Elementor Premium = 2.0.6 versions...
CVE-2026-40720
Unauthenticated Cross Site Scripting XSS in Royal Elementor Addons Pro 1.7.1041 versions...
CVE-2026-42629
Unauthenticated Broken Authentication in PowerPack Pro for Elementor v2.13.0 versions...
CVE-2026-39597
Unauthenticated Cross Site Scripting XSS in WPZOOM Addons for Elementor = 1.3.4 versions...
CVE-2026-27041
Contributor Arbitrary File Upload in Unlimited Elements for Elementor Premium = 2.0.6 versions...
EUVD-2026-37692
Unauthenticated Cross Site Scripting XSS in Royal Elementor Addons Pro 1.7.1041 versions...
CVE-2026-42629 WordPress PowerPack Pro for Elementor plugin < v2.13.0 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in PowerPack Pro for Elementor v2.13.0 versions...
CVE-2026-42629
Vulnerability overview: WordPress PowerPack Pro for Elementor (plugin) with versions
CVE-2026-39597
This CVE covers an unauthenticated, reflected Cross Site Scripting (XSS) in the WordPress WPZOOM Addons for Elementor plugin (versions
CVE-2026-39597 WordPress WPZOOM Addons for Elementor plugin <= 1.3.4 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in WPZOOM Addons for Elementor = 1.3.4 versions...
CVE-2026-27041 WordPress Unlimited Elements for Elementor (Premium) plugin <= 2.0.6 - Arbitrary File Upload vulnerability
Contributor Arbitrary File Upload in Unlimited Elements for Elementor Premium = 2.0.6 versions...
CVE-2026-27041
CVE-2026-27041 : Affected software is WordPress Unlimited Elements for Elementor – Premium, versions
EUVD-2026-36912
Unauthenticated Broken Access Control in Essential Addons for Elementor 6.6.0 versions...
CVE-2026-49104
Unauthenticated PHP Object Injection in Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms = 1.2.1 versions...
CVE-2026-48870
Subscriber Cross Site Scripting XSS in King Addons for Elementor = 51.1.62 versions...
CVE-2026-45437
Unauthenticated Cross Site Scripting XSS in Product Filter Widget for Elementor = 1.0.6 versions...
CVE-2026-25440
Unauthenticated Broken Access Control in Essential Addons for Elementor 6.6.0 versions...
CVE-2026-49765
The CVE-2026-49765 entry concerns the WordPress Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms plugin (versions <= 1.1.8). The connected sources confirm unauthenticated PHP Object Injection as the vulnerability, with a CVSS 3.1 base score of 9.8 (CRITICAL) and im...
CVE-2026-49765 WordPress Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.1.8 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms = 1.1.8 versions...
EUVD-2026-36882
Unauthenticated PHP Object Injection in WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms = 1.1.4 versions...