High 7.6
2026-04-15< 8.5.0
CVE-2026-40745
Element Pack – Widgets, Templates & Addons for Elementor
Minimum safe version
8.5.0
Update to 8.5.0 or later to address 41 fixable vulnerabilities
Latest available8.6.2 ✓
N/A
2026-04-07< 8.5.0
Element Pack Addons for Elementor <= 8.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via SVG Image Widget
Medium 6.5
2026-02-15< 8.3.18
Element Pack Addons for Elementor <= 8.3.17 - Authenticated (Contributor+) Arbitrary File Read
Medium 4.3
2026-01-22< 8.3.14
CVE-2025-31413
Medium 5.4
2025-11-18< 8.3.5
CVE-2025-13196
Medium 5.0
2025-10-20< 8.2.6
CVE-2025-11536
Medium 5.4
2025-08-06< 8.1.6
Element Pack Elementor Addons and Templates <= 8.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Open Street Map Widget Marker Content
Medium 6.4
2025-07-03< 8.1.0
Element Pack Addons for Elementor <= 8.0.0 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via data-caption Attribute
Medium 6.4
2025-05-30< 5.11.3
Element Pack Addons for Elementor – Best Elementor addons with Ready Templates, Blocks, Widgets and WooCommerce Builder <= 5.11.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting
Medium 6.4
2025-04-26< 5.10.30
Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) <= 5.10.29 - Authenticated (Contributor+) Stored Cross-Site Scripting
Medium 6.4
2025-04-18< 5.10.29
Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) <= 5.10.28 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting
Medium 6.4
2025-01-08< 5.10.15
CVE-2024-12851
Medium 4.3
2024-12-22< 5.10.13
CVE-2024-11852
Medium 5.4
2024-12-03< 5.10.6
CVE-2024-9058
Medium 5.4
2024-11-29< 5.10.3
CVE-2024-10980
Medium 5.4
2024-11-28< 5.10.3
CVE-2024-10493
Medium 5.4
2024-11-05< 5.10.3
CVE-2024-9867
Medium 5.4
2024-11-05< 5.10.3
CVE-2024-9657
Medium 5.4
2024-11-02< 5.10.2
CVE-2024-9868
Medium 6.4
2024-11-02< 5.10.2
CVE-2024-10310
Medium 6.5
2024-10-05< 5.7.6
CVE-2024-47392
Medium 5.4
2024-08-13< 5.7.3
CVE-2024-7247
Medium 6.5
2024-08-09< 5.7.3
CVE-2024-4359
Medium 5.4
2024-08-09< 5.7.7
CVE-2024-4360
Medium 5.4
2024-08-01< 5.6.12
CVE-2024-39667
Medium 5.4
2024-08-02< 5.6.12
CVE-2024-4643
Medium 6.4
2024-07-18< 5.6.6
CVE-2024-5555
Medium 6.4
2024-07-18< 5.6.12
CVE-2024-5554
Medium 5.4
2024-06-12< 5.6.12
CVE-2024-3925
Medium 5.4
2024-05-22< 5.6.2
CVE-2024-3926
Medium 5.3
2024-05-22< 5.6.4
CVE-2024-3927
Medium 5.4
2024-04-18< 5.6.1
CVE-2024-32572
Medium 5.4
2024-04-18< 5.6.1
CVE-2024-1429
Medium 5.4
2024-04-18< 5.6.1
CVE-2024-1426
High 7.5
2024-04-15< 5.6.0
WordPress Element Pack Elementor Addons Plugin <= 5.5.6 is vulnerable to Sensitive Data Exposure
Medium 5.4
2024-04-06< 5.5.4
CVE-2024-1428
Medium 5.4
2024-04-06< 5.3.3
CVE-2024-0837
High 8.5
2024-03-29< 5.5.4
CVE-2024-30496
Medium 6.5
2024-03-27< 5.5.4
CVE-2024-30185
Medium 4.3
2024-03-23< 5.4.12
CVE-2024-24840
N/A
2023-07-18< 5.2.1
WordPress Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) Plugin <= 5.2.0 is vulnerable to Cross Site Scripting (XSS)