Merkulove Reformer For Elementor vulnerabilities
2 known vulnerabilities affecting merkulove/reformer_for_elementor.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2025-49444P2CRITICALCVSS 10.0≤ 1.0.52025-06-17
CVE-2025-49444 [CRITICAL] CWE-434 CVE-2025-49444: Unrestricted Upload of File with Dangerous Type vulnerability in merkulove Reformer for Elementor re
Unrestricted Upload of File with Dangerous Type vulnerability in merkulove Reformer for Elementor reformer-elementor allows Upload a Web Shell to a Web Server.This issue affects Reformer for Elementor: from n/a through <= 1.0.5.
nvd
CVE-2025-68086P4MEDIUMCVSS 5.4≤ 1.0.62025-12-16
CVE-2025-68086 [MEDIUM] CWE-862 CVE-2025-68086: Missing Authorization vulnerability in merkulove Reformer for Elementor reformer-elementor allows Ex
Missing Authorization vulnerability in merkulove Reformer for Elementor reformer-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reformer for Elementor: from n/a through <= 1.0.6.
nvd