Website Builder Security Vulnerabilities and Issues — Website Builder CVE List

Lucene search

ElementorWebsite Builder

4 matches found

CVE•added 2020/01/22 5:15 p.m.•116 views

CVE-2020-7109

The Elementor Page Builder plugin before 2.8.4 for WordPress does not sanitize data during creation of a new template.

9.8CVSS9.4AI score0.00873EPSS

CVE•added 2020/01/28 11:15 p.m.•110 views

CVE-2020-8426

The Elementor plugin before 2.8.5 for WordPress suffers from a reflected XSS vulnerability on the elementor-system-info page. These can be exploited by targeting an authenticated user.

5.4CVSS5.2AI score0.0045EPSS

CVE•added 2020/08/31 1:15 p.m.•44 views

CVE-2020-15020

An issue was discovered in the Elementor plugin through 2.9.13 for WordPress. An authenticated attacker can achieve stored XSS via the Name Your Template field.

5.4CVSS5.4AI score0.00153EPSS

CVE•added 2020/08/21 3:15 p.m.•40 views

CVE-2020-20634

Elementor 2.9.5 and below WordPress plugin allows authenticated users to activate its safe mode feature. This can be exploited to disable all security plugins on the blog.

6.5CVSS6.3AI score0.00487EPSS