cleantalk
Vulnerabilities and Security Researches

Elementor Header & Footer Builder, CVE-2021-24256

CVE, Research URL

CVE-2021-24256

Home page URL

Security reports for Elementor Header & Footer Builder

Application

Elementor Header & Footer Builder

Published on
May 06, 2021
Research Description
The “Elementor – Header, Footer & Blocks Template” WordPress Plugin before 1.5.8 has two widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
Affected versions
Min -, max 1.5.8.
Status
vulnerable
Previous vulnerability researches
Elementor Header & Footer Builder (CVE-2024-11230) , Dec 24, 2024
Elementor Header & Footer Builder (CVE-2024-10325) , Nov 09, 2024
Elementor Header & Footer Builder (CVE-2024-10050) , Oct 25, 2024
Elementor Header & Footer Builder (CVE-2025-8488) , Aug 02, 2025
Elementor Header & Footer Builder (CVE-2024-33933) , Jul 05, 2024
New vulnerability
Google Map Targeting (CVE-2025-52732) , Aug 04, 2025
WP CTA – Call To Action Plugin, Sticky CTA, Floating Buttons, Floating Tab Plugin (CVE-2025-8152) , Aug 04, 2025
One Click Demo Import , Aug 04, 2025
My Reservation System (CVE-2025-7022) , Aug 02, 2025
Connector for Gravity Forms and Google Sheets (CVE-2025-54682) , Aug 02, 2025