Vulnerabilities > Elementor > Elementor Page Builder > 2.5.8

DATE CVE VULNERABILITY TITLE RISK
2020-09-16 CVE-2020-20406 Cross-site Scripting vulnerability in Elementor Page Builder
A stored XSS vulnerability exists in the Custom Link Attributes control Affect function in Elementor Page Builder 2.9.2 and earlier versions.
network
low complexity
elementor CWE-79
5.4
5.4
2020-06-05 CVE-2020-13865 Cross-site Scripting vulnerability in Elementor Page Builder
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities.
network
low complexity
elementor CWE-79
5.4
5.4
2020-06-05 CVE-2020-13864 Cross-site Scripting vulnerability in Elementor Page Builder
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability.
network
low complexity
elementor CWE-79
5.4
5.4
2020-04-22 CVE-2020-7055 Unrestricted Upload of File with Dangerous Type vulnerability in Elementor Page Builder
An issue was discovered in Elementor 2.7.4.
network
low complexity
elementor CWE-434
critical
 9.9
9.9