Vulnerabilities > Elementor > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-16 | CVE-2020-20406 | Cross-site Scripting vulnerability in Elementor Page Builder A stored XSS vulnerability exists in the Custom Link Attributes control Affect function in Elementor Page Builder 2.9.2 and earlier versions. | 5.4 |
| 2020-08-31 | CVE-2020-15020 | Cross-site Scripting vulnerability in Elementor Website Builder An issue was discovered in the Elementor plugin through 2.9.13 for WordPress. | 5.4 |
| 2020-08-21 | CVE-2020-20634 | Unspecified vulnerability in Elementor Website Builder Elementor 2.9.5 and below WordPress plugin allows authenticated users to activate its safe mode feature. | 6.5 |
| 2020-06-05 | CVE-2020-13865 | Cross-site Scripting vulnerability in Elementor Page Builder The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. | 5.4 |
| 2020-06-05 | CVE-2020-13864 | Cross-site Scripting vulnerability in Elementor Page Builder The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. | 5.4 |
| 2020-01-28 | CVE-2020-8426 | Cross-site Scripting vulnerability in Elementor Website Builder The Elementor plugin before 2.8.5 for WordPress suffers from a reflected XSS vulnerability on the elementor-system-info page. | 5.4 |
| 2019-10-07 | CVE-2018-18379 | Cross-site Scripting vulnerability in Elementor Page Builder The elementor-edit-template class in wp-admin/customize.php in the Elementor Pro plugin before 2.0.10 for WordPress has XSS. | 6.1 |