cleantalk
Vulnerabilities and Security Researches

Elementor Website Builder – More than Just a Page Builder, CVE-2025-67588

CVE, Research URL

CVE-2025-67588

Home page URL

Security reports for Elementor Website Builder – More than Just a Page Builder

Application

Elementor Website Builder – More than Just a Page Builder

Published on
Dec 09, 2025
Research Description
Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Website Builder: from n/a through <= 3.33.0.
Affected versions
max 3.33.1.
Status
vulnerable
Previous vulnerability researches
Stripe Express (4b8502a4cf5209c95f7abee1405df2d2eac8a87d) , Jun 07, 2024
Stripe Express (CVE-2026-8893) , Jun 07, 2026
Stripe Express (CVE-2023-33999) , Jun 14, 2026
New vulnerability
WP Tools Divi Blog Carousel (CVE-2023-33999) , Jun 14, 2026
WP Mobile Menu &#8211; The Mobile-Friendly Responsive Menu (CVE-2023-33999) , Jun 14, 2026
YITH Request a Quote for WooCommerce (CVE-2022-44630) , Jun 14, 2026
Marijuana Age Verify (CVE-2023-33999) , Jun 14, 2026
Advanced Product Sample for WooCommerce (CVE-2023-33999) , Jun 14, 2026