Unlimited-elements Unlimited_elements_for_elementor
22 CVEs affecting Unlimited-elements Unlimited_elements_for_elementor. Latest disclosed: 2025-04-03. Critical: 4, High: 9.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-31090 | Critical | 9.9 | 2024-04-24 | Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows U… |
CVE-2023-31231 | Critical | 9.9 | 2023-12-20 | Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This iss… |
CVE-2024-49271 | Critical | 9.1 | 2024-10-16 | Deserialization of Untrusted Data vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) unlimited-elements-for… |
CVE-2023-33930 | Critical | 9.1 | 2024-06-04 | Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows C… |
CVE-2024-5329 | High | 8.8 | 2024-06-06 | The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to blind SQL Injection via the ‘data[addonID]’ parame… |
CVE-2023-6743 | High | 8.8 | 2024-05-29 | The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and i… |
CVE-2024-4779 | High | 8.8 | 2024-05-23 | The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to SQL Injection via the ‘data[post_ids][0]’ paramete… |
CVE-2024-3055 | High | 8.8 | 2024-05-14 | The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in… |
CVE-2023-3295 | High | 8.8 | 2023-06-17 | The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) for WordPress is vulnerable to arbitrary file uploads due to missing file type validatio… |
CVE-2023-31080 | High | 8.3 | 2024-06-09 | Missing Authorization vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This issue affects Unlimited Eleme… |
CVE-2024-2662 | High | 7.2 | 2024-05-14 | The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to command injection in all versions up to, and inclu… |
CVE-2024-45454 | High | 7.1 | 2024-10-06 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free… |
CVE-2024-29792 | High | 7.1 | 2024-03-27 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free… |
CVE-2025-1663 | Medium | 6.4 | 2025-04-03 | The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including… |
CVE-2024-13155 | Medium | 6.4 | 2025-02-20 | The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Transparent Split Hero widget in all ve… |
CVE-2024-13153 | Medium | 6.4 | 2025-01-09 | The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and includin… |
CVE-2024-10784 | Medium | 6.4 | 2024-12-12 | The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Tile Gallery'… |
CVE-2024-0367 | Medium | 6.4 | 2024-03-30 | The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the link field of an installed widget (e.g., 'Button… |
CVE-2024-3547 | Medium | 6.1 | 2024-05-14 | The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'google_con… |
CVE-2022-47170 | Medium | 5.9 | 2023-03-28 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin… |