目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

elemntor 厂商漏洞列表 / CVE 中文分析 22

elemntor 厂商相关 22 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

Elementor 是流行的 WordPress 页面构建插件,允许用户通过拖拽方式设计网站。截至最新统计,该组件已收录 22 条 CVE。历史漏洞多集中于未授权访问、存储型跨站脚本(XSS)及任意文件读取,部分版本存在远程代码执行风险。其安全特性包括对输入输出的严格过滤机制,但早期版本因缺乏完善的权限校验曾引发多次安全事件,建议用户及时更新以修复已知缺陷。

Top products by elemntor: Elementor Website Builder – more than just a page builder Ally – Web Accessibility & Usability Elementor Website Builder Activity Log – Monitor & Record User Changes Site Mailer – SMTP Replacement, Email API Deliverability & Email Log Temporary Login
CVE ID标题CVSS风险等级Published
CVE-2026-7567 Temporary Login 1.0.0 认证绕过致账户接管漏洞 — Temporary LoginCWE-288 9.8 Critical2026-05-01
CVE-2026-6127 Elementor Website Builder <= 4.0.4 通过REST API的认证存储型XSS漏洞 — Elementor Website Builder – more than just a page builderCWE-79 6.4 Medium2026-05-01
CVE-2025-14732 WordPress plugin Elementor Website Builder – More Than Just a Page Builder 安全漏洞 — Elementor Website Builder – more than just a page builderCWE-87 6.4 Medium2026-04-08
CVE-2026-1206 WordPress plugin Elementor Website Builder 安全漏洞 — Elementor Website Builder – more than just a page builderCWE-639 4.3 Medium2026-03-26
CVE-2026-2413 WordPress plugin Ally – Web Accessibility & Usability SQL注入漏洞 — Ally – Web Accessibility & UsabilityCWE-89 7.5 High2026-03-11
CVE-2025-11220 WordPress plugin Elementor 跨站脚本漏洞 — Elementor Website Builder – more than just a page builderCWE-79 6.4 Medium2025-12-16
CVE-2025-10700 WordPress plugin Ally 跨站请求伪造漏洞 — Ally – Web Accessibility & UsabilityCWE-352 4.3 Medium2025-10-16
CVE-2025-8081 WordPress plugin Elementor 路径遍历漏洞 — Elementor Website Builder – more than just a page builderCWE-22 4.9 Medium2025-08-12
CVE-2025-4566 WordPress plugin Elementor Website Builder 跨站脚本漏洞 — Elementor Website Builder – more than just a page builderCWE-79 6.4 Medium2025-07-29
CVE-2025-3075 WordPress plugin Elementor Website Builder 跨站脚本漏洞 — Elementor Website Builder – more than just a page builderCWE-79 6.4 Medium2025-07-29
CVE-2025-1319 WordPress plugin Site Mailer – SMTP Replacement, Email API Deliverability & Email Log 跨站脚本漏洞 — Site Mailer – SMTP Replacement, Email API Deliverability & Email LogCWE-79 7.2 High2025-02-28
CVE-2024-13445 WordPress plugin Elementor Website Builder 跨站脚本漏洞 — Elementor Website Builder – more than just a page builderCWE-79 6.4 Medium2025-02-20
CVE-2024-10453 WordPress plugin Elementor Website Builder 跨站脚本漏洞 — Elementor Website Builder – more than just a page builderCWE-79 6.4 Medium2024-12-21
CVE-2024-8236 WordPress plugin Elementor Website Builder 跨站脚本漏洞 — Elementor Website Builder – more than just a page builderCWE-79 6.4 Medium2024-11-26
CVE-2024-10788 WordPress plugin Activity Log – Monitor & Record User Changes 跨站脚本漏洞 — Activity Log – Monitor & Record User ChangesCWE-79 7.2 High2024-11-21
CVE-2024-6757 WordPress plugin Elementor 信息泄露漏洞 — Elementor Website Builder – more than just a page builderCWE-200 4.3 Medium2024-10-15
CVE-2024-5416 WordPress plugin Elementor Website Builder 跨站脚本漏洞 — Elementor Website Builder – more than just a page builderCWE-79 5.4 Medium2024-09-11
CVE-2024-4619 WordPress Plugin elementor 跨站脚本漏洞 — Elementor Website Builder – more than just a page builderCWE-79 6.4 Medium2024-05-21
CVE-2024-2117 WordPress Plugin Elementor Website Builder 安全漏洞 — Elementor Website Builder – more than just a page builderCWE-79 6.4 Medium2024-04-09
CVE-2024-0506 WordPress Plugin Elementor Website Builder 安全漏洞 — Elementor Website Builder – more than just a page builderCWE-79 6.4 Medium2024-02-20
CVE-2020-36703 WordPress Plugin Elementor Website Builder 跨站脚本漏洞 — Elementor Website Builder – more than just a page builderCWE-79 6.4 Medium2023-06-07
CVE-2022-1329 Elementor安全漏洞 — Elementor Website Builder CWE-862 8.8 High2022-04-19

本页汇总了 elemntor 厂商截至目前公开的全部 22 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。