Feed live

Elementor vulnerabilities - every known CVE across the builder and its add-ons

Elementor's widget and template system pulls in a large third-party add-on ecosystem, which is where most disclosed CVEs originate rather than the core builder.

Total CVEs tracked
339,613
All time
Critical · Active
10,844
CVSS ≥ 9.0
New · 14 days
2,602
Newly disclosed
Feed last synced
2 hrs ago
Data freshness

elementor security

Every published CVE affecting elementor

This list contains every CVE that names elementor as an affected product. Records come from the official CVE feeds maintained by MITRE and NIST. Each record includes a CVSS severity score, the affected version range, and a link to the full NVD entry. New records usually appear here within minutes of publication.

Third-party plugins, extensions, and add-ons built on top of elementor are included alongside the core product. In most CMS ecosystems, the majority of CVEs come from the extension layer rather than the core application itself. Searching by component name is just as important as searching by platform name.

Understanding CVSS scores

Severity ratings explained

Every CVE has a CVSS 3.x score from 0 to 10. The score is based on how the vulnerability can be reached (over the network or locally), how complex the exploit is, what access an attacker needs beforehand, whether a victim has to do something first, and the impact on confidentiality, integrity, and availability if the attack succeeds.

Critical 9.0–10.0 Remote, no auth, max impact
High 7.0–8.9 Serious, remotely exploitable
Medium 4.0–6.9 Often requires auth or conditions
Low 0.1–3.9 Limited exploitability or impact

Search by component name, vendor, or keyword to filter this list. Click any CVE ID to see the full record. If your installed version falls within the affected range, update immediately or check the vendor's security advisory.

Showing 1–30 CVEs
Sorted by Published · Newest first
CVE ID Severity CVSS Title Published
CVE-2026-13402 Jul 17, 2026 today
CVE-2026-61976 medium 5.3/10 Jul 13, 2026 4d ago
CVE-2026-57804 high 7.5/10 Jul 13, 2026 4d ago
CVE-2026-57718 high 7.1/10 Jul 13, 2026 4d ago
CVE-2026-57376 high 7.1/10 Jul 13, 2026 4d ago
CVE-2026-15338 high 7.5/10 Jul 11, 2026 6d ago
CVE-2026-13710 medium 6.4/10 Jul 10, 2026 7d ago
CVE-2026-15299 medium 6.4/10 Jul 10, 2026 7d ago
CVE-2026-15285 medium 6.4/10 Jul 10, 2026 7d ago
CVE-2026-15284 medium 6.4/10 Jul 10, 2026 7d ago
CVE-2026-10570 medium 6.4/10 Jul 8, 2026 9d ago
CVE-2026-11328 medium 6.4/10 Jul 7, 2026 10d ago
CVE-2026-59511 medium 5.3/10 Jul 5, 2026 11d ago
CVE-2026-9145 medium 6.5/10 Jul 2, 2026 15d ago
CVE-2026-11600 medium 4.3/10 Jul 2, 2026 15d ago
CVE-2026-11380 medium 6.4/10 Jul 1, 2026 16d ago
CVE-2026-49765 critical 9.8/10 Jun 15, 2026 1mo ago
CVE-2026-49109 critical 9.8/10 Jun 15, 2026 1mo ago
CVE-2026-49105 critical 9.8/10 Jun 15, 2026 1mo ago
CVE-2026-49104 critical 9.8/10 Jun 15, 2026 1mo ago
CVE-2026-49085 critical 9.8/10 Jun 15, 2026 1mo ago
CVE-2026-48870 medium 6.5/10 Jun 15, 2026 1mo ago
CVE-2026-45437 high 7.1/10 Jun 15, 2026 1mo ago
CVE-2026-25440 medium 5.3/10 Jun 15, 2026 1mo ago
CVE-2026-9691 critical 9.8/10 Jun 15, 2026 1mo ago
CVE-2023-25969 medium 5.4/10 Jun 11, 2026 1mo ago
CVE-2026-8613 medium 6.4/10 Jun 10, 2026 1mo ago
CVE-2025-8444 medium 6.4/10 Jun 10, 2026 1mo ago
CVE-2026-8677 medium 6.4/10 Jun 9, 2026 1mo ago
CVE-2026-11603 medium 6.1/10 Jun 9, 2026 1mo ago
Page 1
Prev 1 2