Elementor Elementor Website Builder
10 CVEs affecting Elementor Elementor Website Builder. Latest disclosed: 2026-06-02. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-24934 | High | 8.5 | 2024-05-17 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Elementor Elementor Website Builder allows Manipulating Web Inp… |
CVE-2026-32352 | Medium | 6.5 | 2026-03-13 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor Elementor Website Builder elementor allows DOM-… |
CVE-2024-50555 | Medium | 6.5 | 2026-02-20 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor Elementor Website Builder elementor allows Stor… |
CVE-2024-54444 | Medium | 6.5 | 2025-02-25 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor Elementor Website Builder elementor allows Stor… |
CVE-2023-47504 | Medium | 6.5 | 2024-04-24 | Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects… |
CVE-2024-37437 | Medium | 5.5 | 2024-07-09 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor Elementor Website Builder elementor.This issue… |
CVE-2026-49782 | Medium | 5.4 | 2026-06-02 | Missing Authorization vulnerability in Elementor Elementor Website Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue… |
CVE-2025-67588 | Medium | 4.3 | 2025-12-09 | Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.Th… |
CVE-2023-33922 | Medium | 4.3 | 2024-06-11 | Missing Authorization vulnerability in Elementor Elementor Website Builder.This issue affects Elementor Website Builder: from n/a through 3.13.2. |
CVE-2026-32445 | Low | 2.7 | 2026-03-13 | Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.Th… |