cleantalk
Vulnerabilities and Security Researches

ElementInvader Addons for Elementor, CVE-2026-25007

CVE, Research URL

CVE-2026-25007

Home page URL

Security reports for ElementInvader Addons for Elementor

Application

ElementInvader Addons for Elementor

Published on
Mar 25, 2026
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows Blind SQL Injection.This issue affects ElementInvader Addons for Elementor: from n/a through <= 1.4.2.
Affected versions
max 1.4.2.
Status
vulnerable
Previous vulnerability researches
ElementInvader Addons for Elementor (CVE-2024-9888) , Oct 17, 2024
ElementInvader Addons for Elementor (CVE-2025-10873) , Nov 11, 2025
ElementInvader Addons for Elementor (CVE-2024-47630) , Oct 03, 2024
ElementInvader Addons for Elementor (CVE-2025-22786) , Jan 17, 2025
ElementInvader Addons for Elementor (CVE-2025-58205) , Aug 28, 2025
New vulnerability
Product Feed PRO for WooCommerce (CVE-2026-32443) , Mar 30, 2026
RegistrationMagic &#8211; Custom Registration Forms, User Registration, Payment, and User Login (CVE-2026-24373) , Mar 30, 2026
RegistrationMagic &#8211; Custom Registration Forms, User Registration, Payment, and User Login (CVE-2026-32385) , Mar 30, 2026
RegistrationMagic &#8211; Custom Registration Forms, User Registration, Payment, and User Login (CVE-2026-32498) , Mar 30, 2026
Gallery Block (Meow Gallery) (CVE-2026-32418) , Mar 30, 2026