WPDeveloper — Vulnerabilities & Security Advisories 49

Browse all 49 CVE security advisories affecting WPDeveloper. AI-powered Chinese analysis, POCs, and references for each vulnerability.

WPDeveloper operates as a software vendor specializing in WordPress plugins and themes, primarily targeting web developers and site administrators seeking to extend functionality. Historical security audits reveal a pattern of critical vulnerabilities, including forty-nine recorded Common Vulnerabilities and Exposures (CVEs). These flaws predominantly involve remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and improper sanitization of user-supplied data. The high volume of disclosed issues suggests systemic weaknesses in the development lifecycle, particularly regarding secure coding practices and rigorous testing protocols. While specific major incidents are not always publicly detailed, the consistent recurrence of severe bugs indicates a significant risk posture for users relying on these extensions. Consequently, organizations utilizing WPDeveloper products must implement strict monitoring and timely patching strategies to mitigate the inherent exposure to exploitation attempts.

Top products by WPDeveloper: Essential Addons for Elementor Essential Blocks for Gutenberg EmbedPress BetterDocs Templately Essential Addons for Elementor Pro Typing Text BetterLinks NotificationX ReviewX – Multi-criteria Rating & Reviews for WooCommerce Parallax Slider Block SchedulePress Simple 301 Redirects by BetterLinks Document Block – Upload & Embed Docs Secret Meta

CVEs 49

CVE ID	Title	CVSS	Severity	Published
CVE-2026-23543	WordPress Essential Addons for Elementor plugin <= 6.5.5 - Broken Access Control vulnerability — Essential Addons for ElementorCWE-862	5.3	Medium	2026-02-19
CVE-2025-69092	WordPress Essential Addons for Elementor plugin <= 6.5.3 - Cross Site Scripting (XSS) vulnerability — Essential Addons for ElementorCWE-79	6.5	Medium	2025-12-30
CVE-2025-64352	WordPress Essential Addons for Elementor plugin <= 6.2.4 - Broken Access Control vulnerability — Essential Addons for ElementorCWE-862	2.7	Low	2025-10-31
CVE-2025-24752	WordPress Essential Addons for Elementor plugin <= 6.0.14 - Reflected Cross Site Scripting (XSS) vulnerability — Essential Addons for ElementorCWE-79	7.1	High	2025-04-17
CVE-2025-39589	WordPress Essential Addons for Elementor plugin <= 6.1.9 - Sensitive Data Exposure Vulnerability — Essential Addons for ElementorCWE-497	4.3	Medium	2025-04-16
CVE-2025-39590	WordPress Essential Addons for Elementor plugin <= 6.1.9 - Cross Site Scripting (XSS) Vulnerability — Essential Addons for ElementorCWE-79	6.5	Medium	2025-04-16
CVE-2024-56063	WordPress Essential Addons for Elementor plugin <= 6.0.7 - Cross Site Scripting (XSS) vulnerability — Essential Addons for ElementorCWE-79	6.5	Medium	2024-12-31
CVE-2024-39649	WordPress Essential Addons for Elementor plugin <= 5.9.26 - Cross Site Scripting (XSS) vulnerability — Essential Addons for ElementorCWE-79	6.5	Medium	2024-08-01
CVE-2023-41955	WordPress Essential Addons for Elementor plugin <= 5.8.8 - Contributor+ Privilege Escalation vulnerability — Essential Addons for ElementorCWE-269	8.8	High	2024-05-17
CVE-2023-32243	WordPress Essential Addons for Elementor Plugin 5.4.0-5.7.1 is vulnerable to Privilege Escalation — Essential Addons for ElementorCWE-287	9.8	Critical	2023-05-12

This page lists every published CVE security advisory associated with WPDeveloper. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

WPDeveloper — Vulnerabilities & Security Advisories 49