Reformer For Elementor

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:merkulove:reformer_for_elementor:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorMerkulove (4be28ce2-53f6-546e-b98d-357d6465d1df)
ProductReformer For Elementor (a8d330f0-364a-530d-a307-c8dd3714ef16)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-68086 vulnerable 2026-06-03 15:11:02.839798 WordPress Reformer for Elementor plugin <= 1.0.6 - Broken Access Control vulnerability
MEDIUM (5.4)
Missing Authorization vulnerability in merkulove Reformer for Elementor reformer-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reformer for Elementor: from n/a through <= 1.0.6.
Published: 2025-12-16T08:13:05.956Z
Updated: 2026-04-28T19:59:08.151Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-49444 vulnerable 2026-06-03 15:01:44.770762 WordPress Reformer for Elementor plugin <= 1.0.5 - Arbitrary File Upload Vulnerability
CRITICAL (10)
Unrestricted Upload of File with Dangerous Type vulnerability in merkulove Reformer for Elementor reformer-elementor allows Upload a Web Shell to a Web Server.This issue affects Reformer for Elementor: from n/a through <= 1.0.5.
Published: 2025-06-17T15:01:11.240Z
Updated: 2026-04-28T16:13:04.934Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.