WP-Safety

Generic Elements Security & Risk Analysis

wordpress.org/plugins/generic-elements-for-elementor

Generic Elements is the most complete elementor design toolkit which enhanced the power of elementor plugin.

600 active installs v1.2.9 PHP 7.2+ WP 5.8+ Updated Feb 21, 2026
addonselementor-addonselementor-widgetsgeneric-elements
54
C · Use Caution
CVEs total3
Unpatched2
Last CVEDec 7, 2025
Plugin page Download
Safety Verdict

Is Generic Elements Safe to Use in 2026?

Use With Caution

Score 54/100

Generic Elements has 2 unpatched vulnerabilities. Evaluate alternatives or apply available mitigations.

3 known CVEs 2 unpatched Last CVE: Dec 7, 2025Updated 1mo ago
Risk Assessment

This plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices in handling SQL queries, with 100% using prepared statements and a high rate of output escaping (96%). It also includes nonce and capability checks, indicating some awareness of security fundamentals. However, the presence of a `unserialize` function is a significant concern, as it can be a gateway for remote code execution if user-controlled input is unserialized without proper validation. While the static analysis did not reveal any immediate exploitable taint flows or direct attack vectors like unprotected AJAX, REST API, or shortcodes, the `unserialize` function coupled with a concerning vulnerability history points to a latent risk.

The plugin has a history of 3 known CVEs, with 2 currently unpatched, all of which are medium severity and related to Cross-site Scripting (XSS). The most recent vulnerability was reported in late 2025, suggesting a pattern of security issues that are not always promptly addressed. This history, combined with the `unserialize` function, suggests that while the codebase might have some robust elements, there are likely undiscovered or unaddressed vulnerabilities, or a tendency for vulnerabilities to emerge, particularly around input handling and sanitization, despite the high output escaping rate.

Key Concerns

  • Unpatched CVEs
  • Dangerous function detected: unserialize
  • Bundled library (Select2) potentially outdated
Vulnerabilities
3

Generic Elements Security Vulnerabilities

CVEs by Year

1 CVE in 2024
2024
2 CVEs in 2025 · unpatched
2025
Patched Has unpatched

Severity Breakdown

Medium
3

3 total CVEs

CVE-2025-62082medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Generic Elements <= 1.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

Dec 7, 2025Unpatched
CVE-2025-9080medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Generic Elements <= 1.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

Oct 2, 2025Unpatched
CVE-2024-53709medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Generic Elements <= 1.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

Nov 22, 2024 Patched in 1.2.6 (349d)
Code Analysis
Analyzed Mar 16, 2026

Generic Elements Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
28
659 escaped
Nonce Checks
1
Capability Checks
4
File Operations
0
External Requests
0
Bundled Libraries
1

Dangerous Functions Found

unserialize$generic_el_params = unserialize($generic_el_params);admin\classes\Helper.php:19

Bundled Libraries

Select2

Output Escaping

96% escaped687 total outputs
Attack Surface

Generic Elements Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 31
actionadmin_initadmin\classes\AdminMetabox.php:38
actioninitadmin\classes\PostType.php:18
filtersingle_templateadmin\classes\PostType.php:20
actionelementor/page_templates/canvas/before_contentadmin\classes\PostType.php:222
actionelementor/page_templates/canvas/after_contentadmin\classes\PostType.php:223
actionelementor/page_templates/canvas/before_contentadmin\classes\PostType.php:240
actionelementor/page_templates/canvas/after_contentadmin\classes\PostType.php:241
actionplugins_loadedgeneric-elements.php:71
actionplugins_loadedgeneric-elements.php:72
actionadmin_noticesgeneric-elements.php:102
actionadmin_initgeneric-elements.php:131
actionadmin_menugeneric-elements.php:132
actionsave_post_generic_el_templategeneric-elements.php:135
filtergenerec_el_custom_post_typesgeneric-elements.php:137
actionadd_meta_boxesgeneric-elements.php:139
actionadmin_enqueue_scriptsgeneric-elements.php:141
actionadmin_enqueue_scriptsgeneric-elements.php:142
actionelementor/frontend/after_register_scriptsincludes\Assets.php:10
actionelementor/frontend/after_register_stylesincludes\Assets.php:11
actionelementor/editor/after_enqueue_scriptsincludes\Assets.php:12
actionadmin_noticesincludes\Notices.php:8
actionadmin_noticesincludes\Notices.php:14
actionadmin_noticesincludes\Notices.php:20
actionelementor/elements/categories_registeredincludes\RegisterCategory.php:20
actionelementor/widgets/registerincludes\RegisterCategory.php:21
actionwpthemes\templates\generic-el-template.php:21
actionget_headerthemes\templates\generic-el-template.php:38
actiongeneric_el_headerthemes\templates\generic-el-template.php:42
actionget_footerthemes\templates\generic-el-template.php:49
actiongeneric_el_footerthemes\templates\generic-el-template.php:54
actiongeneric_el_breadcrumbthemes\templates\generic-el-template.php:62
Maintenance & Trust

Generic Elements Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedFeb 21, 2026
PHP min version7.2
Downloads10K

Community Trust

Rating100/100
Number of ratings1
Active installs600
Alternatives

Generic Elements Alternatives

ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor

ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor

elementskit-lite

A
89

Join millions who empower their websites with ElementsKit Elementor Addons. Get templates, & 100+ widgets like header-footer, mega menu, custom widget

2.0M 21 CVEs
Essential Addons for Elementor – Popular Elementor Templates & Widgets

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

B
76

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 56 CVEs
Ultimate Addons for Elementor

Ultimate Addons for Elementor

header-footer-elementor

A
96

Powerful Elementor addon with advanced Elementor widgets, templates, WooCommerce widgets & Header-Footer builder to build professional websites fa &hellip;

2.0M 12 CVEs
Premium Addons for Elementor – Powerful Elementor Templates & Widgets

Premium Addons for Elementor – Powerful Elementor Templates & Widgets

premium-addons-for-elementor

A
95

Elementor Carousel, Mega Menu, Posts List/Slider, Media Gallery, WooCommerce Widgets, Display Conditions, Premade Templates & more.

700K 35 CVEs
Royal Addons for Elementor – Addons and Templates Kit for Elementor

Royal Addons for Elementor – Addons and Templates Kit for Elementor

royal-elementor-addons

C
50

Elementor templates, Header footer builder, Elementor Post Grid, Woocommerce Grid builder, Slider, Forms, Gallery, Nav menu addons, Elementor widgets.

600K 1 unpatched
Developer Profile

Generic Elements Developer Profile

webdevstudios

14 plugins · 1.0M total installs

73
trust score
Avg Security Score
92/100
Avg Patch Time
661 days
View full developer profile
Detection Fingerprints

How We Detect Generic Elements

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/generic-elements-for-elementor/admin/assets/css/generic-elements-admin.css/wp-content/plugins/generic-elements-for-elementor/admin/assets/js/generic-elements-admin.js/wp-content/plugins/generic-elements-for-elementor/assets/css/generic-elements-frontend.css/wp-content/plugins/generic-elements-for-elementor/assets/js/generic-elements-frontend.js/wp-content/plugins/generic-elements-for-elementor/assets/css/frontend.css/wp-content/plugins/generic-elements-for-elementor/assets/js/frontend.js
Script Paths
/wp-content/plugins/generic-elements-for-elementor/vendor/elementor/frontend/assets/js/elementor-frontend.min.js
Version Parameters
/wp-content/plugins/generic-elements-for-elementor/admin/assets/css/generic-elements-admin.css?ver=/wp-content/plugins/generic-elements-for-elementor/admin/assets/js/generic-elements-admin.js?ver=/wp-content/plugins/generic-elements-for-elementor/assets/css/generic-elements-frontend.css?ver=/wp-content/plugins/generic-elements-for-elementor/assets/js/generic-elements-frontend.js?ver=/wp-content/plugins/generic-elements-for-elementor/assets/css/frontend.css?ver=/wp-content/plugins/generic-elements-for-elementor/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
generic-el-templategeneric-elements-admin-wrapgeneric-elements-widgetgeneric-elements-section
HTML Comments
<!-- Generic Elements Plugin<!-- Generic Elements Admin<!-- Generic Elements Widget
Data Attributes
data-generic-element-iddata-generic-element-typedata-generic-element-settings
JS Globals
genericElementsAdmingenericElementsFrontend
Shortcode Output
[generic_elements[generic_el_template[generic_element
FAQ

Frequently Asked Questions about Generic Elements