Website Builder
Approved changes feed: RSS · Atom
cpe:2.3:a:elementor:website_builder:*:*:*:*:pro:wordpress:*:*
part: a version: * update: *
| Vendor | Elementor (495bbd9d-fd16-5fda-b5c3-511153e4eb2c) |
|---|---|
| Product | Website Builder (8f85a89f-122c-5962-a1c3-bb86bee15682) |
| Edition | * |
| Language | * |
| Software edition | pro |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/elementor/elementor |
purl2cpe | 2026-06-01 10:13:03.093603 |
pkg:wordpress/elementor |
purl2cpe | 2026-06-01 10:13:03.093604 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-8494 |
vulnerable | 2026-06-08 07:00:24.766828 |
Elementor Website Builder Pro – More than Just a Page Builder <= 3.25.10 - Authenticated (Contributor+) Sensitive Information Exposure via Shortcode
MEDIUM (4.3)
The Elementor Website Builder Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.25.10 via the 'elementor-template' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the content of Private, Pending, and Draft Templates. The vulnerability was partially patched in version 3.24.4.
Published: 2025-01-30T13:42:05.438Z
Updated: 2026-04-08T17:09:54.992Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.