logoWordPressPluginsThemesAPISubmitContact
search-icon
logo
search-icon
WordPressPluginsThemesAPISubmitContactSecurity Scanner
Register

Elementor Website Builder wordpress-logolabel

2021-03-24

Elementor < 3.1.4 - DOM Cross-Site-Scripting

fixed in version 3.1.4

2021-03-17

Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Image Box Widget

fixed in version 3.1.4

2021-03-17

Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Icon Box Widget

fixed in version 3.1.4

2021-03-17

Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Accordion Widget

fixed in version 3.1.4

2021-03-17

Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Divider Widget

fixed in version 3.1.4

2021-03-17

Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Heading Widget

fixed in version 3.1.4

2021-03-17

Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Column Element

fixed in version 3.1.4

2021-01-06

Elementor < 3.0.14 - SVG Upload Allowed by Default

fixed in version 3.0.14

2020-07-21

Elementor < 2.9.14 - Authenticated Stored Cross-Site Scripting

fixed in version 2.9.14

2020-06-05

Elementor Page Builder < 2.9.10 - Authenticated Stored XSS

fixed in version 2.9.10

2020-05-06

Elementor < 2.9.8 - SVG Sanitizer Bypass leading to Authenticated Stored XSS

fixed in version 2.9.8

2020-03-31

Elementor Page Builder < 2.9.6 - Authenticated Safe Mode Privilege Escalation

fixed in version 2.9.6

2020-01-29

Elementor Page Builder < 2.7.6 - Authenticated Stored XSS

fixed in version 2.7.7

2020-01-29

Elementor Page Builder < 2.8.5 - Authenticated Reflected XSS

fixed in version 2.8.5

2020-01-19

Elementor Page Builder < 2.8.4 - Cross-Site Scripting (XSS)

fixed in version 2.8.4

2020-01-14

Elementor < 2.7.5 - Authenticated Arbitrary File Upload

fixed in version 2.7.5

2017-11-27

Elementor Page Builder <= 1.7.12 - Authenticated Unrestricted Editing

fixed in version 1.8.0

Is this your WordPress plugin?

We offer WordPress plugin security testing to help identify security vulnerabilities within your plugin. Please note that this is a paid service. If you are interested in talking about having your plugin tested by WordPress security experts, get in touch.