Unlimited Elements For Elementor

Vulnerabilities 38Slug unlimited-elements-for-elementorLatest version 2.0.8WordPress.org →

Minimum safe version

2.0.7

Update to 2.0.7 or later to address 38 fixable vulnerabilities

Latest available2.0.8 ✓

Medium 6.1

2026-05-01< 1.5.141

CVE-2024-13362

CVE Wordfence

High 7.5

2026-04-17< 2.0.7

CVE-2026-4659

CVE Wordfence

N/A

2026-03-09< 2.0.6

Unlimited Elements For Elementor <= 2.0.5 - Unauthenticated Stored Cross-Site Scripting via Form Entry Fields

Wordfence CVE

Medium 5.4

2026-02-03< 2.0.2

CVE-2025-14274

CVE Wordfence

High 7.2

2025-11-27< 2.0.1

CVE-2025-13692

CVE EUVD Wordfence

Medium 6.4

2025-08-28< 1.5.149

Unlimited Elements For Elementor <= 1.5.148 - Authenticated (Contributor+) Stored Cross-Site Scripting

EUVD Wordfence CVE

Medium 6.4

2025-04-03< 1.5.143

Unlimited Elements For Elementor <= 1.5.142 - Authenticated (Contributor+) Stored Cross-Site Scripting

EUVD Wordfence CVE

Medium 6.4

2025-02-20< 1.5.141

CVE-2024-13155

CVE EUVD Wordfence

Medium 6.4

2025-01-09< 1.5.135

CVE-2024-13153

CVE Wordfence

Medium 6.4

2024-12-12< 1.5.127

CVE-2024-10784

CVE Patchstack Wordfence

Medium 6.3

2024-10-16< 1.5.3

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE

Critical 9.1

2024-10-16< 1.5.122

CVE-2024-49271

CVE Patchstack Wordfence

High 7.1

2024-10-06< 1.5.122

CVE-2024-45454

CVE Patchstack Wordfence

High 8.8

2024-07-09< 1.5.113

CVE-2024-6166

CVE Patchstack Wordfence

Medium 5.3

2024-07-09< 1.5.113

CVE-2024-6171

CVE Patchstack Wordfence

Medium 5.4

2024-07-09< 1.5.113

CVE-2024-6169

CVE Patchstack Wordfence

Medium 5.4

2024-07-09< 1.5.113

CVE-2024-6170

CVE Wordfence

High 8.8

2024-06-06< 1.5.110

CVE-2024-5329

CVE Patchstack Wordfence

Medium 4.3

2024-06-05< 1.5.110

CVE-2024-35674

CVE Patchstack Wordfence

Medium 4.6

2024-05-30< 1.5.108

CVE-2024-3190

CVE Wordfence Patchstack

High 8.8

2024-05-29< 1.5.91

CVE-2023-6743

CVE Patchstack Wordfence

High 8.8

2024-05-23< 1.5.108

CVE-2024-4779

CVE Patchstack Wordfence

High 8.8

2024-05-10< 1.5.105

CVE-2024-3055

CVE Wordfence Patchstack

Medium 6.1

2024-05-10< 1.5.103

CVE-2024-3547

CVE Patchstack Wordfence

High 7.2

2024-05-10< 1.5.103

CVE-2024-2662

CVE Patchstack Wordfence

Medium 5.4

2024-03-30< 1.5.97

CVE-2024-0367

CVE Wordfence Patchstack WPScan

High 7.1

2024-03-27< 1.5.94

CVE-2024-29792

CVE Wordfence Patchstack WPScan

N/A

2023-07-18< 1.5.75

WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin < 1.5.75 is vulnerable to Cross Site Scripting (XSS)

Patchstack WPScan CVE

Critical 9.9

2023-12-20< 1.5.66

CVE-2023-31231

CVE Patchstack

High 8.3

2024-06-09< 1.5.66

CVE-2023-31080

CVE Patchstack Wordfence

High 8.8

2023-06-17< 1.5.67

CVE-2023-3295

CVE Wordfence WPScan

Critical 9.1

2024-06-04< 1.5.67

CVE-2023-33930

CVE Patchstack Wordfence

Critical 9.9

2024-04-24< 1.5.61

CVE-2023-31090

CVE Patchstack Wordfence

Medium 5.9

2023-03-28< 1.5.49

CVE-2022-47170

CVE Patchstack Wordfence WPScan

N/A

2022-03-04< 1.5.3

Freemius SDK <= 2.4.2 - Missing Authorization Checks

Wordfence

N/A

< 1.5.3

Unauthorised AJAX Calls via Freemius

WPScan

N/A

2022-02-28< 1.5.3

WordPress "Unlimited Elements For Elementor (Free Widgets, Addons, Templates)" plugin < 1.5.3 - Sensitive Information Disclosure vulnerability

Patchstack

N/A

2022-02-28< 1.5.3

WordPress "Unlimited Elements For Elementor (Free Widgets, Addons, Templates)" plugin < 1.5.3 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack