Medium 6.5
2026-02-26< 1.14.5
CVE-2026-28131
Addon Elements for Elementor (formerly Elementor Addon Elements)
Vulnerabilities 39Slug addon-elements-for-elementor-page-builderLatest version 1.14.5WordPress.org →
Minimum safe version
1.14.5
Update to 1.14.5 or later to address 39 fixable vulnerabilities
Latest available1.14.5 ✓
Medium 6.4
2025-12-14< 1.14.4
CVE-2025-12537
Medium 4.3
2025-01-15< 1.14
CVE-2024-13215
Medium 6.3
2024-10-16< 1.11.14
Freemius SDK <= 2.4.2 - Missing Authorization Checks
Medium 4.3
2024-10-14< 1.13.9
WordPress Elementor Addon Elements Plugin <= 1.13.8 is vulnerable to Sensitive Data Exposure
Medium 6.5
2024-10-06< 1.13.7
CVE-2024-47366
Medium 6.5
2024-11-01< 1.13.7
CVE-2024-47361
Medium 5.4
2024-08-30< 1.13.7
CVE-2024-7122
Medium 5.4
2024-08-30< 1.13.6
CVE-2024-4401
Medium 5.4
2024-06-27< 1.13.6
CVE-2024-4569
Medium 5.4
2024-06-27< 1.13.6
CVE-2024-4570
Medium 5.4
2024-06-12< 1.13.4
CVE-2024-2092
Medium 5.4
2024-05-02< 1.13.4
CVE-2024-3743
Medium 6.5
2024-03-28< 1.13.2
CVE-2024-30422
Medium 5.4
2024-04-09< 1.13.3
CVE-2024-2792
Medium 4.6
2024-03-28< 1.13.2
CVE-2024-2091
Medium 6.5
2024-03-19< 1.12.11
CVE-2024-29107
Medium 5.4
2024-03-13< 1.13
CVE-2024-1391
Medium 5.4
2024-03-13< 1.13
CVE-2024-1392
Medium 5.4
2024-03-13< 1.13
CVE-2024-1393
Medium 5.4
2024-03-13< 1.13
CVE-2024-1422
Medium 6.5
2024-03-13< 1.13
CVE-2024-1358
Medium 5.4
2024-02-05< 1.12.12
CVE-2024-0834
Medium 4.8
2023-11-15< 1.12.8
CVE-2023-5381
Medium 5.3
2023-11-15< 1.12.8
CVE-2023-4723
Medium 4.3
2023-11-15< 1.12.8
CVE-2023-4690
Medium 4.3
2023-11-15< 1.12.8
CVE-2023-4689
N/A
2023-07-19< 1.12
WordPress Elementor Addon Elements Plugin <= 1.11.16 is vulnerable to Cross Site Scripting (XSS)
N/A
2020-09-08< 1.6.4
Elementor Addon Elements <= 1.6.3 - Reflected Cross-Site Scripting
N/A
2021-07-20< 1.11.8
Elementor Addon Elements <= 1.11.7 - Cross-Site Request Forgery
N/A
2022-03-04< 1.11.14
Freemius SDK <= 2.4.2 - Missing Authorization Checks
N/A
< 1.6.4
Elementor Addon Elements < 1.6.4 - CSRF & XSS
N/A
< 1.11.8
Elementor Addon Elements < 1.11.8 - CSRF Bypass
N/A
< 1.11.14
Unauthorised AJAX Calls via Freemius
N/A
2020-09-09< 1.6.4
WordPress Elementor Addon Elements plugin <= 1.6.3 - Reflected Cross-Site Scripting (XSS) vulnerability
N/A
2021-04-13< 1.11.2
WordPress Elementor Addon Elements plugin <= 1.11.1 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
N/A
2022-02-28< 1.11.14
WordPress Elementor Addon Elements plugin < 1.11.14 - Sensitive Information Disclosure vulnerability
N/A
2022-02-28< 1.11.14
WordPress Elementor Addon Elements plugin < 1.11.14 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Medium 5.4
2021-05-05< 1.11.2
CVE-2021-24259