Testa din hemsida →

Elementor pro

Det finns 9 kända sårbarheter i Elementor pro.

9
Kända sårbarheter
1
Kritiska/höga
2024-06-07
Senaste sårbarhet
Använder du Elementor pro?

Kör ett gratis test och se om din hemsida är påverkad.

Testa din hemsida

Kända sårbarheter

Medel 2024-06-07

CVE-2024-5612: The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eael_lightbox_open_btn_icon’ parameter within the Lightbox & Modal widget in al...

Påverkade versioner: < 5.8.16

The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eael_lightbox_open_btn_icon’ parameter within the Lightbox & Modal widget in all versi...

Medel 2024-05-29

CVE-2024-5086: The Essential Addons for Elementor PRO – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Team Mem...

Påverkade versioner: < 5.8.15

The Essential Addons for Elementor PRO – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Team Member C...

Medel 2024-04-22

CVE-2024-3645: The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Counter widget in all versions up to, and including, 5.8.11 due to insuffic...

Påverkade versioner: < 5.8.12

The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Counter widget in all versions up to, and including, 5.8.11 due to insufficien...

Medel 2024-03-27

CVE-2024-2781: The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the video_html_tag attribute in all versions up to, and including, 3.20.1 due to insufficient...

Påverkade versioner: < 3.20.2

The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the video_html_tag attribute in all versions up to, and including, 3.20.1 due to insufficient in...

Medel 2024-03-27

CVE-2024-2121: The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Carousel widget in all versions up to, and including, 3.20.1 due to insuff...

Påverkade versioner: < 3.20.2

The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Carousel widget in all versions up to, and including, 3.20.1 due to insuffici...

Medel 2024-03-27

CVE-2024-1364: The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget's custom_id in all versions up to, and including, 3.20.1 due to insufficient input san...

Påverkade versioner: < 3.20.2

The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget's custom_id in all versions up to, and including, 3.20.1 due to insufficient input saniti...

Medel 2024-03-27

CVE-2024-1521: The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an SVGZ file uploaded via the Form widget in all versions up to, and including, 3.20.1 due to...

Påverkade versioner: < 3.20.2

The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an SVGZ file uploaded via the Form widget in all versions up to, and including, 3.20.1 due to in...

Medel 2024-01-11

CVE-2023-6632: The Happy Addons for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via DOM in all versions up to and including 3.9.1.1 (versions up to 2.9.1.1 in Happy Addons for E...

Påverkade versioner: < 3.10.0

The Happy Addons for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via DOM in all versions up to and including 3.9.1.1 (versions up to 2.9.1.1 in Happy Addons for Elem...

Hög 2023-06-07

CVE-2023-3124: The Elementor Pro plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the update_page_option function in versions up to, and including, 3.11.6....

Påverkade versioner: < 3.11.7

The Elementor Pro plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the update_page_option function in versions up to, and including, 3.11.6. Th...

Vår rekommendation

Håll tillägget uppdaterat. De flesta sårbarheter åtgärdas snabbt av utvecklarna.

Ta bort tillägg du inte använder. Varje tillägg är en potentiell attackyta.

Testa din hemsida regelbundet. Automatisk bevakning fångar problem tidigt.

Andra tillägg med kända sårbarheter

Elementor 50 sårb. Redirection 48 sårb. Contact form 7 42 sårb. Revslider 5 sårb. Call now button 4 sårb. Bold page builder 4 sårb.