WP-Safety

Element Invader – Template Kits for Elementor Security & Risk Analysis

wordpress.org/plugins/elementinvader

ElementInvader offers premium library of one click ready and free Elementor templates from https://elementinvader.com/ service.

3K active installs v1.2.5 PHP + WP 5.6+ Updated Jan 17, 2026
elementorelementor-addonelementor-addonselementor-templatestemplate-kits
99
A · Safe
CVEs total1
Unpatched0
Last CVEJan 16, 2026
Plugin page Download
Safety Verdict

Is Element Invader – Template Kits for Elementor Safe to Use in 2026?

Generally Safe

Score 99/100

Element Invader – Template Kits for Elementor has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 16, 2026Updated 2mo ago
Risk Assessment

The "elementinvader" v1.2.5 plugin presents a mixed security posture. While it has a relatively small attack surface with only two AJAX handlers, the presence of one AJAX handler without authentication checks is a significant concern, as it creates a direct entry point for unauthenticated attackers. The code analysis reveals the use of dangerous functions like `unserialize`, which can lead to Remote Code Execution (RCE) if not handled carefully, and a complete lack of prepared statements for SQL queries, increasing the risk of SQL injection vulnerabilities. The low percentage of properly escaped outputs further exacerbates this risk. The vulnerability history indicates one past medium severity CVE, and while it is currently patched, the common vulnerability type being "Missing Authorization" aligns with the static analysis findings of unprotected entry points, suggesting a recurring pattern of authorization flaws. Despite the absence of critical taint flows and the presence of some capability checks and nonce checks, the identified weaknesses, particularly the unprotected AJAX handler and the raw SQL queries, necessitate caution. The overall security posture is weakened by these critical oversights.

Key Concerns

  • AJAX handler without auth check
  • Dangerous function: unserialize used
  • SQL queries without prepared statements
  • Low percentage of output escaping
  • Past medium vulnerability (Missing Authorization)
Vulnerabilities
1

Element Invader – Template Kits for Elementor Security Vulnerabilities

CVEs by Year

1 CVE in 2026
2026
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2026-24386medium · 4.3Missing Authorization

Element Invader – Template Kits for Elementor <= 1.2.4 - Missing Authorization

Jan 16, 2026 Patched in 1.2.5 (13d)
Code Analysis
Analyzed Mar 16, 2026

Element Invader – Template Kits for Elementor Code Analysis

Dangerous Functions
7
Raw SQL Queries
1
0 prepared
Unescaped Output
191
101 escaped
Nonce Checks
3
Capability Checks
4
File Operations
21
External Requests
1
Bundled Libraries
0

Dangerous Functions Found

unserialize$_elementor_page_settings = unserialize($_elementor_page_settings);application\controllers\Elementinvader.php:756
unserialize$data_row['request_data'] = unserialize($row->request_data);application\models\Report_m.php:140
unserialize$data_row['header_data'] = unserialize($row->header_data);application\models\Report_m.php:141
unserialize$data_row['other_data'] = unserialize($row->other_data);application\models\Report_m.php:142
unserialize$data_row['request_data'] = unserialize($row->request_data);application\models\Report_m.php:257
unserialize$data_row['header_data'] = unserialize($row->header_data);application\models\Report_m.php:258
unserialize$data_row['other_data'] = unserialize($row->other_data);application\models\Report_m.php:259

SQL Query Safety

0% prepared1 total queries

Output Escaping

35% escaped292 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths
login (application\controllers\Elementinvader.php:447)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

Element Invader – Template Kits for Elementor Attack Surface

Entry Points2
Unprotected1

AJAX Handlers 2

authwp_ajax_elementinvader_review_actionincludes\class-elementinvader-review-request.php:51
authwp_ajax_elementinvader_actionincludes\class-elementinvader.php:172
WordPress Hooks 13
actioninitincludes\class-elementinvader-review-request.php:50
actionadmin_noticesincludes\class-elementinvader-review-request.php:60
actionnetwork_admin_noticesincludes\class-elementinvader-review-request.php:61
actionuser_admin_noticesincludes\class-elementinvader-review-request.php:62
actionplugins_loadedincludes\class-elementinvader.php:148
filteradmin_body_classincludes\class-elementinvader.php:164
filterpost_row_actionsincludes\class-elementinvader.php:166
filterpage_row_actionsincludes\class-elementinvader.php:167
actionadmin_enqueue_scriptsincludes\class-elementinvader.php:169
actionadmin_enqueue_scriptsincludes\class-elementinvader.php:170
actionadmin_menuincludes\class-elementinvader.php:181
actionwp_enqueue_scriptsincludes\class-elementinvader.php:199
actionwp_enqueue_scriptsincludes\class-elementinvader.php:200
Maintenance & Trust

Element Invader – Template Kits for Elementor Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 17, 2026
PHP min version
Downloads64K

Community Trust

Rating100/100
Number of ratings11
Active installs3K
Alternatives

Element Invader – Template Kits for Elementor Alternatives

Essential Addons for Elementor – Popular Elementor Templates & Widgets

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

B
76

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 56 CVEs
Premium Addons for Elementor – Powerful Elementor Templates & Widgets

Premium Addons for Elementor – Powerful Elementor Templates & Widgets

premium-addons-for-elementor

A
95

Elementor Carousel, Mega Menu, Posts List/Slider, Media Gallery, WooCommerce Widgets, Display Conditions, Premade Templates & more.

700K 35 CVEs
Royal Addons for Elementor – Addons and Templates Kit for Elementor

Royal Addons for Elementor – Addons and Templates Kit for Elementor

royal-elementor-addons

C
50

Elementor templates, Header footer builder, Elementor Post Grid, Woocommerce Grid builder, Slider, Forms, Gallery, Nav menu addons, Elementor widgets.

600K 1 unpatched
Unlimited Elements For Elementor

Unlimited Elements For Elementor

unlimited-elements-for-elementor

B
76

Elementor all-in-one addons pack with the best widgets for Elementor, offering 100+ free widgets, templates, and tools to create stunning websites!

300K 29 CVEs
The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce

The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce

the-plus-addons-for-elementor-page-builder

A
92

Best Addons for Elementor with 120+ Elementor FREE & Pro Widgets & 1000+ Elementor Templates with Mega Menu, Post Grid, Header Footer, WooCommerce

100K 33 CVEs
Developer Profile

Element Invader – Template Kits for Elementor Developer Profile

Element Invader

6 plugins · 8K total installs

87
trust score
Avg Security Score
90/100
Avg Patch Time
11 days
View full developer profile
Detection Fingerprints

How We Detect Element Invader – Template Kits for Elementor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/elementinvader/css/elementinvader-admin.css/wp-content/plugins/elementinvader/js/elementinvader-admin.js/wp-content/plugins/elementinvader/js/jquery.helpers.js
Script Paths
wp-content/plugins/elementinvader/js/elementinvader-admin.jswp-content/plugins/elementinvader/js/jquery.helpers.js
Version Parameters
elementinvader/css/elementinvader-admin.css?ver=elementinvader/js/elementinvader-admin.js?ver=elementinvader/js/jquery.helpers.js?ver=

HTML / DOM Fingerprints

CSS Classes
elementinvader-page
Data Attributes
data-elementinvader-template-id
JS Globals
window.elementinvader_datawindow.elementinvader_plugin
FAQ

Frequently Asked Questions about Element Invader – Template Kits for Elementor