Does Rife Extensions & Templates for Elementor have any unpatched vulnerabilities?

No. All known vulnerabilities in Rife Extensions & Templates for Elementor have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Rife Extensions & Templates for Elementor compatible with WordPress 6.7.5?

According to WordPress.org data, Rife Extensions & Templates for Elementor 1.2.8 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Rife Extensions & Templates for Elementor compatible with PHP 5.4+?

Rife Extensions & Templates for Elementor requires PHP 5.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Rife Extensions & Templates for Elementor updated?

Rife Extensions & Templates for Elementor was last updated on Sep 29, 2025. Frequent updates are generally a positive security signal.

What is Rife Extensions & Templates for Elementor's security score?

Rife Extensions & Templates for Elementor has a WP-Safety security score of 97/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Rife Extensions & Templates for Elementor Security & Risk Analysis

wordpress.org/plugins/rife-elementor-extensions

Brings new widgets to be used in Elementor and allows you to import beautiful full page templates for Elementor page builder designed by Apollo13Theme …

20K active installs v1.2.8 PHP 5.4+ WP 4.7+ Updated Sep 29, 2025

drag-and-dropelementorelementor-addonselementor-templatesrife

A · Safe

CVEs total4

Unpatched0

Last CVEFeb 21, 2025

Plugin page Download

Safety Verdict

Is Rife Extensions & Templates for Elementor Safe to Use in 2026?

Generally Safe

Score 97/100

Rife Extensions & Templates for Elementor has a strong security track record. Known vulnerabilities have been patched promptly.

4 known CVEsLast CVE: Feb 21, 2025Updated 6mo ago

Risk Assessment

The plugin "rife-elementor-extensions" v1.2.8 exhibits a mixed security posture. While static analysis reveals a small attack surface with no directly unprotected entry points and a commitment to prepared statements for SQL, there are notable concerns. The low percentage of properly escaped output (30%) is a significant risk, potentially leading to cross-site scripting vulnerabilities if user-supplied data is rendered without adequate sanitization. The presence of file operations without further context in the static analysis is also a point to monitor.

The vulnerability history is a major red flag. The plugin has a history of 4 known CVEs, all of which are currently patched according to the data. However, the types of past vulnerabilities, specifically Missing Authorization and Cross-site Scripting, align with the identified weakness in output escaping. This historical pattern suggests a recurring struggle to secure sensitive operations and user input, even if the immediate threats are addressed in this specific version.

In conclusion, the plugin demonstrates some good security practices like using prepared statements and having a controlled attack surface. However, the insufficient output escaping and the past trend of authorization and XSS vulnerabilities indicate areas that require ongoing vigilance and potential improvement to achieve a robust security posture.

Key Concerns

Insufficient output escaping detected
Past vulnerabilities: 4 medium severity CVEs
Past vulnerability types: Missing Auth, XSS

Vulnerabilities

Rife Extensions & Templates for Elementor Security Vulnerabilities

CVEs by Year

1 CVE in 2021

2021

1 CVE in 2023

2023

1 CVE in 2024

2024

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

4 total CVEs

CVE-2024-13564medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Rife Elementor Extensions & Templates <= 1.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Writing Effect Headline Shortcode

Feb 21, 2025 Patched in 1.2.6 (1d)

CVE-2024-5504medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Rife Elementor Extensions & Templates <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Writing Effect Headline Widget

Jul 1, 2024 Patched in 1.2.2 (1d)

CVE-2023-27454medium · 5.4Missing Authorization

Rife Elementor Extensions & Templates <= 1.1.10 - Missing Authorization via import_templates

Mar 2, 2023 Patched in 1.2.0 (327d)

CVE-2021-24265medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Rife Elementor Extensions & Templates <= 1.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

Apr 13, 2021 Patched in 1.1.6 (1015d)

Version History

Rife Extensions & Templates for Elementor Release Timeline

No version history available.

Code Analysis

Analyzed Mar 16, 2026

Rife Extensions & Templates for Elementor Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

11 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

30% escaped37 total outputs

Attack Surface

Rife Extensions & Templates for Elementor Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_a13ree_import_templatesincludes\importer.php:466

WordPress Hooks 14

actionadmin_enqueue_scriptsincludes\admin.php:152

actionadmin_enqueue_scriptsincludes\admin.php:153

filteradmin_footer_textincludes\admin.php:156

filterelementor/admin/dashboard_overview_widget/footer_actionsincludes\admin.php:158

actionadmin_menuincludes\importer.php:465

actionadmin_noticesincludes\plugin.php:153

actioninitincludes\plugin.php:211

actionelementor/widgets/widgets_registeredincludes\widgets.php:118

actionelementor/frontend/after_enqueue_stylesincludes\widgets.php:120

actionelementor/frontend/after_register_scriptsincludes\widgets.php:122

actionelementor/preview/enqueue_scriptsincludes\widgets.php:124

actionplugins_loadedrife-elementor-extensions.php:40

actionadmin_noticesrife-elementor-extensions.php:44

actionadmin_noticesrife-elementor-extensions.php:46

Maintenance & Trust

Rife Extensions & Templates for Elementor Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedSep 29, 2025

PHP min version5.4

Downloads551K

Community Trust

Rating100/100

Number of ratings3

Active installs20K

Alternatives

Rife Extensions & Templates for Elementor Alternatives

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 56 CVEs

Premium Addons for Elementor – Powerful Elementor Templates & Widgets

premium-addons-for-elementor

Elementor Carousel, Mega Menu, Posts List/Slider, Media Gallery, WooCommerce Widgets, Display Conditions, Premade Templates & more.

700K 35 CVEs

Royal Addons for Elementor – Addons and Templates Kit for Elementor

royal-elementor-addons

Elementor templates, Header footer builder, Elementor Post Grid, Woocommerce Grid builder, Slider, Forms, Gallery, Nav menu addons, Elementor widgets.

600K 1 unpatched

Unlimited Elements For Elementor

unlimited-elements-for-elementor

Elementor all-in-one addons pack with the best widgets for Elementor, offering 100+ free widgets, templates, and tools to create stunning websites!

300K 29 CVEs

Element Pack – Widgets, Templates & Addons for Elementor

bdthemes-element-pack-lite

Elementor addons with 300+ widgets, templates, WooCommerce widgets, mega menu, header footer builder, and powerful design extensions.

100K 36 CVEs

Developer Profile

Rife Extensions & Templates for Elementor Developer Profile

apollo13themes

3 plugins · 60K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

156 days

View full developer profile

Detection Fingerprints

How We Detect Rife Extensions & Templates for Elementor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/rife-elementor-extensions/assets/css/rife-elementor-extensions.css/wp-content/plugins/rife-elementor-extensions/assets/js/rife-elementor-extensions.js/wp-content/plugins/rife-elementor-extensions/assets/js/writing-effect-headline.js

Script Paths

/wp-content/plugins/rife-elementor-extensions/assets/js/rife-elementor-extensions.js/wp-content/plugins/rife-elementor-extensions/assets/js/writing-effect-headline.js

Version Parameters

rife-elementor-extensions/assets/css/rife-elementor-extensions.css?ver=rife-elementor-extensions/assets/js/rife-elementor-extensions.js?ver=rife-elementor-extensions/assets/js/writing-effect-headline.js?ver=

HTML / DOM Fingerprints

CSS Classes

a13ree-written-headline

Data Attributes

data-writing-speeddata-loop

JS Globals

A13REE_ASSETS_URL

FAQ