Vulnerabilities > Elementor > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-05-17 CVE-2020-13126 Unrestricted Upload of File with Dangerous Type vulnerability in Elementor Page Builder
An issue was discovered in the Elementor Pro plugin before 2.9.4 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13125.
network
low complexity
elementor CWE-434
critical
9.9
2020-04-22 CVE-2020-7055 Unrestricted Upload of File with Dangerous Type vulnerability in Elementor Page Builder
An issue was discovered in Elementor 2.7.4.
network
low complexity
elementor CWE-434
critical
9.9
2020-01-22 CVE-2020-7109 Unspecified vulnerability in Elementor Website Builder
The Elementor Page Builder plugin before 2.8.4 for WordPress does not sanitize data during creation of a new template.
network
low complexity
elementor
critical
9.8