Plugin icon

Elementor Pro

elementor-pro

Vulnerabilities:

14

Last Updated:

March 13, 2026

Active Installs:

n/a

Published
Title
Fixed in
CVSS
Published
2025-06-19
Title
Elementor Website Builder < 3.29.1 - Contributor+ Stored XSS
Fixed in
Fixed in 3.29.1
CVSS
5.9 (medium)
Published
2025-06-09
Title
Elementor Pro < 3.29.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
Fixed in
Fixed in 3.29.1
CVSS
6.4 (medium)
Published
2025-01-29
Title
Elementor Website Builder Pro – More than Just a Page Builder < 3.25.11 - Authenticated (Contributor+) Sensitive Information Exposure via Shortcode
Fixed in
Fixed in 3.25.11
CVSS
4.3 (medium)
Published
2024-06-28
Title
Elementor Pro < 3.21.3 - Reflected Cross-Site Scripting
Fixed in
Fixed in 3.21.3
CVSS
6.1 (medium)
Published
2024-05-02
Title
Elementor Website Builder Pro < 3.21.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting
Fixed in
Fixed in 3.21.2
CVSS
6.4 (medium)
Published
2024-03-26
Title
Elementor Website Builder Pro < 3.20.2 - Authententicated (Contributor+) Stored Cross-Site Scripting
Fixed in
Fixed in 3.20.2
CVSS
6.4 (medium)
Published
2024-03-26
Title
Elementor Website Builder Pro < 3.20.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
Fixed in
Fixed in 3.20.2
CVSS
5.4 (medium)
Published
2024-03-26
Title
Elementor Website Builder Pro < 3.20.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Form Widget SVGZ File Upload
Fixed in
Fixed in 3.20.2
CVSS
6.4 (medium)
Published
2024-03-26
Title
Elementor Website Builder Pro < 3.20.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via video_html_tag
Fixed in
Fixed in 3.20.2
CVSS
6.4 (medium)
Published
2024-03-26
Title
Elementor Website Builder – More than Just a Page Builder < 3.20.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Navigation
Fixed in
Fixed in 3.20.2
CVSS
5.4 (medium)
Published
2024-02-26
Title
Elementor Pro < 3.19.3 - Authenticated (Contributor+) Information Exposure
Fixed in
Fixed in 3.19.3
CVSS
4.3 (medium)
Published
2023-03-28
Title
Elementor Pro < 3.11.7 - Subscriber+ Arbitrary Options Update
Fixed in
Fixed in 3.11.7
CVSS
8.8 (high)
Published
2020-05-07
Title
Elementor Pro < 2.9.4 - Authenticated Arbitrary File Upload
Fixed in
Fixed in 2.9.4
CVSS
9.9 (critical)
Published
2018-10-26
Title
Elementor Pro < 2.0.10 - XSS
Fixed in
Fixed in 2.0.10
CVSS
6.1 (medium)