Testa din hemsida →
Premium Addons for Elementor – Powerful Elementor Templates & Widgets ikon

Premium Addons for Elementor – Powerful Elementor Templates & Widgets

4.9/5
700 000+ installationer

Elementor Carousel, Mega Menu, Posts List/Slider, Media Gallery, WooCommerce Widgets, Display Conditions, Premade Templates & more.

30
Kända sårbarheter
0
Kritiska / höga
2026-01-17
Senaste sårbarhet
700 000+
Aktiva installationer

Om Premium Addons for Elementor – Powerful Elementor Templates & Widgets

Om Premium Addons for Elementor

Premium Addons for Elementor är ett populärt WordPress-tillägg som utökar Elementor med avancerade widgets och funktioner som karuseller, megamenyer, produktlistor och färdiga mallar. Med över 700 000 aktiva installationer är det ett av de mest använda tilläggen inom Elementor-ekosystemet.

Säkerhetsstatus

Tillägget har för närvarande 24 kända sårbarheter, alla klassificerade som "medium" i allvarlighetsgrad. Den senaste sårbarheten upptäcktes så sent som december 2025, vilket visar att säkerhetsövervakningen är aktiv och pågående.

Medium-sårbarheter innebär normalt att en attack kräver viss teknisk kunskap eller specifika förutsättningar för att lyckas. De utgör sällan en omedelbar risk för vanliga webbplatser, men bör inte ignoreras.

Rekommendationer

Trots sårbarheterna kan tillägget användas säkert med rätt försiktighetsåtgärder:

  • Håll tillägget uppdaterat – installera alltid den senaste versionen så fort den blir tillgänglig
  • Använd stark autentisering med tvåfaktorsautentisering för WordPress-administratörer
  • Begränsa administratörsåtkomst till endast betrodda användare
  • Övervaka webbplatsen regelbundet för ovanlig aktivitet

Regelbundna uppdateringar är det absolut viktigaste skyddet mot säkerhetshot och bör prioriteras högt i ditt WordPress-underhåll.

Använder du Premium Addons for Elementor – Powerful Elementor Templates & Widgets?

Kör ett gratis test och se om din hemsida är påverkad av dessa sårbarheter.

Testa din hemsida

Alla kända sårbarheter

Medel CVE-2025-69300

Premium Addons for Elementor <= 4.11.63 - Missing Authorization to Authenticated (Subscriber+) Settings Update

Påverkade versioner: <= 4.11.63

Medel CVE-2025-14163

CVE-2025-14163: The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.11.53. This is due to missing nonce validation in the 'inse...

Påverkade versioner: < 4.11.54

The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.11.53. This is due to missing nonce validation in the 'insert_inner_template' function. This makes it possible f...

Medel CVE-2025-14155

CVE-2025-14155: The Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_template_...

Påverkade versioner: < 4.11.54

The Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_template_content' function in all versions up to, and including,...

Medel CVE-2025-14163

Premium Addons for Elementor <= 4.11.53 - Cross-Site Request Forgery via 'insert_inner_template'

Påverkade versioner: <= 4.11.53

Medel CVE-2025-14155

Premium Addons for Elementor <= 4.11.53 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'get_template_content'

Påverkade versioner: <= 4.11.53

Medel CVE-2025-68494

Premium Addons for Elementor <= 4.11.53 - Unauthenticated Information Exposure

Påverkade versioner: <= 4.11.53

Medel CVE-2024-11937

Premium Addons for Elementor <= 4.10.69 - Authenticated (Contributor+) Stored Cross-Site Scripting

Påverkade versioner: <= 4.10.69

Medel CVE-2025-4774

CVE-2025-4774: The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-countdown attribute of Countdown widget in all versions up to, and including, 4.11.8 ...

Påverkade versioner: < 4.11.9

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-countdown attribute of Countdown widget in all versions up to, and including, 4.11.8 due to insufficient input sanitization and output esc...

Medel CVE-2025-4774

Premium Addons for Elementor <= 4.11.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget

Påverkade versioner: <= 4.11.8

Medel CVE-2024-10266

CVE-2024-10266: The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video Box widget in all versions up to, and including, 4.10.60 due to insufficien...

Påverkade versioner: < 4.10.61

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video Box widget in all versions up to, and including, 4.10.60 due to insufficient input sanitization and output escaping on user supp...

Medel CVE-2021-4445

CVE-2021-4445: The Premium Addons for Elementor plugin for WordPress is vulnerable to Arbitrary Option Updates in versions up to, and including, 4.5.1. This is due to missing capability and nonce checks in the pa...

Påverkade versioner: < 4.5.2

The Premium Addons for Elementor plugin for WordPress is vulnerable to Arbitrary Option Updates in versions up to, and including, 4.5.1. This is due to missing capability and nonce checks in the pa_dismiss_admin_notice AJAX action. This makes it poss...

Medel CVE-2024-8681

CVE-2024-8681: The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Grid widget in all versions up to, and including, 4.10.52 due to insufficie...

Påverkade versioner: < 4.10.53

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Grid widget in all versions up to, and including, 4.10.52 due to insufficient input sanitization and output escaping on user sup...

Medel CVE-2024-6824

CVE-2024-6824: The Premium Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'check_temp_validity' and 'update_template...

Påverkade versioner: < 4.10.39

The Premium Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'check_temp_validity' and 'update_template_title' functions in all versions up to, and includin...

Medel CVE-2024-6495

CVE-2024-6495: The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text widget in all versions up to, and including, 4.10.36 due to insuffi...

Påverkade versioner: < 4.10.37

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text widget in all versions up to, and including, 4.10.36 due to insufficient input sanitization and output escaping on user...

Medel CVE-2024-6434

CVE-2024-6434: The Premium Addons for Elementor plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS) in all versions up to, and including, 4.10.35. This is due to processing user-sup...

Påverkade versioner: < 4.10.36

The Premium Addons for Elementor plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS) in all versions up to, and including, 4.10.35. This is due to processing user-supplied input as a regular expression. This makes it po...

Medel CVE-2024-6340

CVE-2024-6340: The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 4.10.35 due to insufficien...

Påverkade versioner: < 4.10.36

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 4.10.35 due to insufficient input sanitization and output escaping on user supp...

Medel CVE-2024-5553

CVE-2024-5553: The Premium Addons for Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via several parameters in all versions up to, and including, 4.10.33 due to insufficient...

Påverkade versioner: < 4.10.34

The Premium Addons for Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via several parameters in all versions up to, and including, 4.10.33 due to insufficient input sanitization and output escaping. This makes i...

Medel CVE-2024-4379

CVE-2024-4379: The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Global Tooltip widget in all versions up to, and including, 4.10.31 due to insuff...

Påverkade versioner: < 4.10.32

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Global Tooltip widget in all versions up to, and including, 4.10.31 due to insufficient input sanitization and output escaping on user...

Medel CVE-2024-4376

CVE-2024-4376: The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Fancy Text widget in all versions up to, and including, 4.10.31 due to insufficie...

Påverkade versioner: < 4.10.32

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Fancy Text widget in all versions up to, and including, 4.10.31 due to insufficient input sanitization and output escaping on user sup...

Medel CVE-2024-4205

CVE-2024-4205: The Premium Addons for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_template_content() function in all versions up to, an...

Påverkade versioner: < 4.10.32

The Premium Addons for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_template_content() function in all versions up to, and including, 4.10.31. This makes it possible for auth...

Medel CVE-2024-4378

CVE-2024-4378: The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's menu and shape widgets in all versions up to, and including, 4.10.30 due to insuf...

Påverkade versioner: < 4.10.32

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's menu and shape widgets in all versions up to, and including, 4.10.30 due to insufficient input sanitization and output escaping on use...

Medel CVE-2024-4203

CVE-2024-4203: The Premium Addons Pro for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the maps widget in all versions up to, and including, 4.10.30 due to insufficient input sa...

Påverkade versioner: < 4.10.31

The Premium Addons Pro for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the maps widget in all versions up to, and including, 4.10.30 due to insufficient input sanitization and output escaping on user supplied attri...

Medel CVE-2024-3885

CVE-2024-3885: The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the subcontainer value parameter in all versions up to, and including, 4.10.28 due to insuffic...

Påverkade versioner: < 4.10.29

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the subcontainer value parameter in all versions up to, and including, 4.10.28 due to insufficient input sanitization and output escaping. This mak...

Medel CVE-2024-3647

CVE-2024-3647: The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's post ticker widget in all versions up to, and including, 4.10.28 due to insuffici...

Påverkade versioner: < 4.10.29

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's post ticker widget in all versions up to, and including, 4.10.28 due to insufficient input sanitization and output escaping on user su...

Medel CVE-2024-2666

CVE-2024-2666: The Premium Addons for Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the plugin's Bullet List Widget in all versions up to, and including, 4.10.24 due to...

Påverkade versioner: < 4.10.25

The Premium Addons for Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the plugin's Bullet List Widget in all versions up to, and including, 4.10.24 due to insufficient input sanitization and output escaping...

Medel CVE-2024-2665

CVE-2024-2665: The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's button in all versions up to, and including, 4.10.27 due to insufficient input sa...

Påverkade versioner: < 4.10.28

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's button in all versions up to, and including, 4.10.27 due to insufficient input sanitization and output escaping on user supplied attri...

Medel CVE-2024-2664

CVE-2024-2664: The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown Widget in all versions up to, and including, 4.10.24 due to insufficien...

Påverkade versioner: < 4.10.25

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown Widget in all versions up to, and including, 4.10.24 due to insufficient input sanitization and output escaping on user supp...

Medel CVE-2024-0376

CVE-2024-0376: The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Wrapper Link Widget in all versions up to, and including, 4.10.16 due to insuffic...

Påverkade versioner: <= 4.10.16

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Wrapper Link Widget in all versions up to, and including, 4.10.16 due to insufficient input sanitization and output escaping on user s...

Medel CVE-2024-0326

CVE-2024-0326: The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Link Wrapper functionality in all versions up to, and including, 4.10.17 due to i...

Påverkade versioner: < 4.10.18

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Link Wrapper functionality in all versions up to, and including, 4.10.17 due to insufficient input sanitization and output escaping on...

Medel CVE-2024-1242

CVE-2024-1242: The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button onclick attribute in all versions up to, and including, 4.10.18 due to insufficient...

Påverkade versioner: < 4.10.19

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button onclick attribute in all versions up to, and including, 4.10.18 due to insufficient input sanitization and output escaping. This makes i...

Så skyddar du din sajt

Sårbarheter i tillägg är den vanligaste attackytan för WordPress-sajter. Det bästa skyddet är att vara proaktiv — här är tre konkreta steg.

Håll tillägget uppdaterat

De flesta sårbarheter i Premium Addons for Elementor – Powerful Elementor Templates & Widgets åtgärdas snabbt av utvecklarna. Uppdatera alltid till senaste versionen.

Ta bort oanvända tillägg

Varje tillägg är en potentiell attackyta. Avinstallera det du inte aktivt använder.

Bevaka automatiskt

Med löpande övervakning upptäcker du problem innan de blir allvarliga.

Vill du slippa hålla koll själv? Med ett supportavtal från Sitesupport sköter vi uppdateringar och säkerhet åt dig.

Vanliga frågor om Premium Addons for Elementor – Powerful Elementor Templates & Widgets

Premium Addons for Elementor – Powerful Elementor Templates & Widgets har 30 kända sårbarheter. Det betyder inte nödvändigtvis att tillägget är osäkert — de flesta sårbarheter åtgärdas i nya versioner. Det viktigaste är att alltid köra den senaste versionen.
Det enklaste sättet är att köra ett gratis test av din hemsida på sitesupport.co. Testet kontrollerar vilka tillägg du använder och vilka versioner som är installerade, och jämför det mot kända sårbarheter.
Uppdatera till den senaste versionen så snart som möjligt. Om det inte finns en uppdatering som åtgärdar problemet bör du överväga att tillfälligt inaktivera tillägget, särskilt om sårbarheten har kritisk eller hög allvarlighetsgrad.
Premium Addons for Elementor – Powerful Elementor Templates & Widgets har över 700 000 aktiva installationer på WordPress.org och ett betyg på 4.9 av 5. Populära tillägg har generellt bättre säkerhetsrutiner tack vare större community och fler ögon på koden.

Andra tillägg med kända sårbarheter

Royal Addons for Elementor – Addons and Templates Kit for Elementor
60 sårbarheter
Ninja Forms – The Contact Form Builder That Grows With You
58 sårbarheter
Booking Calendar
56 sårbarheter
Newsletter – Send awesome emails from WordPress
56 sårbarheter
Elementor Website Builder – More Than Just a Page Builder
55 sårbarheter
Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin
54 sårbarheter

Hur mår din hemsida?

Kör ett gratis test och se hur din sajt presterar inom SEO, säkerhet, prestanda och tillgänglighet — på under en minut.

Testa gratis

Inget konto krävs