Borderless – Elementor Addons and Templates

Wordfence Intelligence   >   Vulnerability Database   >   WordPress Plugins   >   Borderless – Elementor Addons and Templates

Information

Software Type Plugin
Software Slug borderless (view on wordpress.org)
Software Status Active
Software Author visualmodo
Software Website visualmodo.com
Software Downloads 138,851
Software Active Installs 6,000
Software Record Last Updated April 3, 2025

7 Vulnerabilities

Submit a Vulnerability
Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.6.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload
5.4
CVE-2024-10867
Jan 30, 2025
Researcher: Francesco Carlucci
Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.6.0 - Authenticated (Administrator+) Remote Code Execution
7.2
CVE-2024-11600
Jan 30, 2025
Researchers: Nguyễn Trung Kiên, Trương Hữu Phúc (truonghuuphuc)
Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.5.9 - Missing Authorization to Icon Font Deletion
4.3
CVE-2024-11583
Jan 30, 2025
Researcher: Trương Hữu Phúc (truonghuuphuc)
Borderless <= 1.5.8 - Authenticated (Editor+) Stored Cross-Site Scripting
5.5
CVE-2024-54211
Dec 2, 2024
Researcher: João G. Barbosa (4rCanJ0x!)
Borderless - Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
6.4
CVE-2024-4666
May 14, 2024
Researcher: stealthcopter
Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-34757
May 14, 2024
Researcher: Khalid
Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.4.8 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-38518
Jul 20, 2023
Researcher: Rio Darmawan
Title Status CVE ID CVSS Researchers Date
Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.6.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload Patched CVE-2024-10867 5.4 Francesco Carlucci January 30, 2025
Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.6.0 - Authenticated (Administrator+) Remote Code Execution Patched CVE-2024-11600 7.2 Nguyễn Trung Kiên, Trương Hữu Phúc (truonghuuphuc) January 30, 2025
Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.5.9 - Missing Authorization to Icon Font Deletion Patched CVE-2024-11583 4.3 Trương Hữu Phúc (truonghuuphuc) January 30, 2025
Borderless <= 1.5.8 - Authenticated (Editor+) Stored Cross-Site Scripting Patched CVE-2024-54211 5.5 João G. Barbosa (4rCanJ0x!) December 2, 2024
Borderless - Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets Patched CVE-2024-4666 6.4 stealthcopter May 14, 2024
Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-34757 6.4 Khalid May 14, 2024
Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.4.8 - Authenticated (Administrator+) Stored Cross-Site Scripting Patched CVE-2023-38518 4.4 Rio Darmawan July 20, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation

This site uses cookies in accordance with our Privacy Policy.