cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forwoolementor woolementor

Direction: descending
Apr 25, 2026

Best WooCommerce Builder for Elementor: Customize Checkout, Shop, Product & More With CoDesigner # CVE-2025-57961

CVE, Research URL

CVE-2025-57961

Home page URL

Security reports for Best WooCommerce Builder for Elementor: Customize Checkout, Shop, Product & More With CoDesigner

Application

Best WooCommerce Builder for Elementor: Customize Checkout, Shop, Product & More With CoDesigner

Date
Sep 23, 2025
Research Description
Missing Authorization vulnerability in Codexpert, Inc CoDesigner woolementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoDesigner: from n/a through <= 4.29.
Affected versions
max 4.26.
Status
vulnerable
Jan 17, 2025

Best WooCommerce Builder for Elementor: Customize Checkout, Shop, Product &amp; More With CoDesigner # CVE-2025-22788

CVE, Research URL

CVE-2025-22788

Home page URL

Security reports for Best WooCommerce Builder for Elementor: Customize Checkout, Shop, Product &amp; More With CoDesigner

Application

Best WooCommerce Builder for Elementor: Customize Checkout, Shop, Product &amp; More With CoDesigner

Date
Jan 15, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codexpert, Inc CoDesigner WooCommerce Builder for Elementor allows Stored XSS.This issue affects CoDesigner WooCommerce Builder for Elementor: from n/a through 4.7.17.2.
Affected versions
max 4.13.
Status
vulnerable
Jul 22, 2024

Best WooCommerce Builder for Elementor: Customize Checkout, Shop, Product &amp; More With CoDesigner # CVE-2024-4371

CVE, Research URL

CVE-2024-4371

Home page URL

Security reports for Best WooCommerce Builder for Elementor: Customize Checkout, Shop, Product &amp; More With CoDesigner

Application

Best WooCommerce Builder for Elementor: Customize Checkout, Shop, Product &amp; More With CoDesigner

Date
Jun 13, 2024
Research Description
The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.1 via deserialization of untrusted input from the recently_viewed_products cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
Affected versions
max 4.5.
Status
vulnerable
Jun 13, 2024

Best WooCommerce Builder for Elementor: Customize Checkout, Shop, Product &amp; More With CoDesigner # CVE-2024-4564

CVE, Research URL

CVE-2024-4564

Home page URL

Security reports for Best WooCommerce Builder for Elementor: Customize Checkout, Shop, Product &amp; More With CoDesigner

Application

Best WooCommerce Builder for Elementor: Customize Checkout, Shop, Product &amp; More With CoDesigner

Date
Jun 12, 2024
Research Description
The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Shop Slider, Tabs Classic, and Image Comparison widgets in all versions up to, and including, 4.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
max 4.5.
Status
vulnerable