Elementor Elementor_page_builder
8 CVEs affecting Elementor Elementor_page_builder. Latest disclosed: 2025-06-10. Critical: 2, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-13126 | Critical | 9.9 | 2020-05-17 | An issue was discovered in the Elementor Pro plugin before 2.9.4 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13125. An att… |
CVE-2020-7055 | Critical | 9.9 | 2020-04-22 | An issue was discovered in Elementor 2.7.4. Arbitrary file upload is possible in the Elementor Import Templates function, allowing an attacker to execute code… |
CVE-2017-18596 | High | 8.8 | 2019-09-10 | The elementor plugin before 1.8.0 for WordPress has incorrect access control for internal functions. |
CVE-2025-3076 | Medium | 6.4 | 2025-06-10 | The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘button_text’ parameter in all versions up to, and… |
CVE-2018-18379 | Medium | 6.1 | 2019-10-07 | The elementor-edit-template class in wp-admin/customize.php in the Elementor Pro plugin before 2.0.10 for WordPress has XSS. |
CVE-2020-20406 | Medium | 5.4 | 2020-09-16 | A stored XSS vulnerability exists in the Custom Link Attributes control Affect function in Elementor Page Builder 2.9.2 and earlier versions. It is caused by i… |
CVE-2020-13865 | Medium | 5.4 | 2020-06-05 | The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in s… |
CVE-2020-13864 | Medium | 5.4 | 2020-06-05 | The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. An author user can create posts that result in a stored X… |