Ultimate Addons for Elementor

Vulnerabilities 14Slug header-footer-elementorLatest version 2.8.7WordPress.org →

Minimum safe version

2.5.0

Update to 2.5.0 or later to address 14 fixable vulnerabilities

Latest available2.8.7 ✓

N/A

2025-09-15< 2.5.0

Ultimate Addons for Elementor Lite <= 2.4.9 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload

Wordfence CVE

Medium 4.3

2025-10-06< 2.5.0

CVE-2025-60448

EUVD CVE

Medium 4.3

2025-08-02< 2.4.7

Ultimate Addons for Elementor (Formerly Elementor Header & Footer Builder) <= 2.4.6 - Missing Authorization to Authenticated (Subscriber+) Limited Settings Update

EUVD Wordfence CVE

Medium 6.4

2024-12-23< 1.6.47

CVE-2024-11230

CVE Patchstack Wordfence

Medium 6.4

2024-11-08< 1.6.46

CVE-2024-10325

CVE Patchstack Wordfence

Medium 4.3

2024-10-24< 1.6.44

CVE-2024-10050

CVE Wordfence Patchstack

Medium 5.4

2024-07-22< 1.6.36

CVE-2024-33933

CVE Patchstack Wordfence

Medium 5.4

2024-06-13< 1.6.36

CVE-2024-5757

CVE Patchstack Wordfence

Medium 5.4

2024-05-24< 1.6.26.1

CVE-2024-2618

CVE Patchstack Wordfence

Medium 5.4

2024-05-16< 1.6.27

CVE-2024-2619

CVE Patchstack Wordfence

Medium 5.4

2024-05-16< 1.6.29

CVE-2024-4634

CVE Patchstack Wordfence

Medium 5.4

2024-03-13< 1.6.25

CVE-2024-1237

CVE Wordfence Patchstack WPScan

N/A

2021-04-13< 1.5.8

WordPress Elementor – Header, Footer & Blocks Template plugin <= 1.5.7 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities

Patchstack

Medium 5.4

2021-05-05< 1.5.8

CVE-2021-24256

CVE Wordfence WPScan