cleantalk
Vulnerabilities and Security Researches

Elementor Website Builder – More than Just a Page Builder, CVE-2022-29455

CVE, Research URL

CVE-2022-29455

Home page URL

Security reports for Elementor Website Builder – More than Just a Page Builder

Application

Elementor Website Builder – More than Just a Page Builder

Published on
Jun 13, 2022
Research Description
DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions.
Affected versions
Min -, max 2.7.6.
Status
vulnerable
Previous vulnerability researches
Hello Elementor (CVE-2024-31289) , Jun 10, 2024
Envo&#039;s Elementor Templates & Widgets for WooCommerce (CVE-2024-43292) , Aug 20, 2024
Envo&#039;s Elementor Templates & Widgets for WooCommerce (CVE-2024-0766) , Jun 10, 2024
Envo&#039;s Elementor Templates & Widgets for WooCommerce (CVE-2024-35167) , Jun 10, 2024
Envo&#039;s Elementor Templates & Widgets for WooCommerce (CVE-2024-50447) , Oct 27, 2024
New vulnerability
Featured Image Plus (CVE-2025-4431) , Jun 10, 2025
Products per Page for WooCommerce (CVE-2025-47504) , Jun 10, 2025
Min Max Default Quantity for WooCommerce (CVE-2025-47504) , Jun 09, 2025
The Plus Addons for Elementor (CVE-2025-49076) , Jun 06, 2025
WP Pipes (CVE-2025-48267) , Jun 06, 2025