Does SJ Elementor Addon have any unpatched vulnerabilities?

No. All known vulnerabilities in SJ Elementor Addon have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is SJ Elementor Addon compatible with WordPress 4.7.32?

According to WordPress.org data, SJ Elementor Addon 0.2.0 has been tested up to WordPress 4.7.32. Check the plugin's changelog for the latest compatibility information.

How often is SJ Elementor Addon updated?

SJ Elementor Addon was last updated on Apr 10, 2017. Frequent updates are generally a positive security signal.

What is SJ Elementor Addon's security score?

SJ Elementor Addon has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

SJ Elementor Addon Security & Risk Analysis

wordpress.org/plugins/sj-elementor-addon

SJ Elementor Addon is Elementor Page Builder's Addon Pack. Subscribe Form, SVG separator, Image separator and more. Just Drag, Drop and Enjoy.

100 active installs v0.2.0 PHP + WP 4.0.0+ Updated Apr 10, 2017

elementor-addonelementor-page-builderrow-separatorsubscribe-formsvg-separator

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is SJ Elementor Addon Safe to Use in 2026?

Generally Safe

Score 85/100

SJ Elementor Addon has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The "sj-elementor-addon" v0.2.0 plugin presents a concerning security posture due to its unprotected entry points. With 3 AJAX handlers identified and none of them having authentication checks, a significant attack surface is exposed. While the plugin demonstrates good practices by using prepared statements for all SQL queries and having a history free of known vulnerabilities, the lack of authorization on its AJAX endpoints is a critical weakness. The taint analysis further highlights this concern, revealing 2 flows with unsanitized paths that are classified as high severity, suggesting potential for unauthorized actions or data manipulation if these paths can be reached by unauthenticated users.

Despite the absence of known CVEs and the use of some capability checks, the unprotected AJAX handlers and the identified high-severity taint flows are major security risks. The fact that 75% of output is not properly escaped is also a concern, potentially leading to cross-site scripting (XSS) vulnerabilities, though the taint analysis did not specifically flag these as high-severity issues in the current flows. The plugin's strength lies in its secure database interactions and clean vulnerability history, but these are overshadowed by the immediate risks posed by the exposed AJAX endpoints. Addressing these unprotected entry points and ensuring proper sanitization for all data flows should be the immediate priority.

Key Concerns

Unprotected AJAX handlers
High severity unsanitized taint flows
Low percentage of properly escaped output

Vulnerabilities

None known

SJ Elementor Addon Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

SJ Elementor Addon Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

18 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

25% escaped71 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

call_action (classes\class-sj-ea-ajax.php:108)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

SJ Elementor Addon Attack Surface

Entry Points3

Unprotected3

AJAX Handlers 3

authwp_ajax_sjea_add_subscriberclasses\class-sj-ea-ajax.php:32

noprivwp_ajax_sjea_add_subscriberclasses\class-sj-ea-ajax.php:33

authwp_ajax_sjea_submit_support_formclasses\class-sj-ea-ajax.php:34

WordPress Hooks 20

actionafter_setup_themeclasses\class-sj-ea-admin-settings.php:26

actionadmin_enqueue_scriptsclasses\class-sj-ea-admin-settings.php:35

actionadmin_menuclasses\class-sj-ea-admin-settings.php:44

actionadmin_menuclasses\class-sj-ea-admin-settings.php:45

actionnetwork_admin_menuclasses\class-sj-ea-admin-settings.php:58

actionnetwork_admin_menuclasses\class-sj-ea-admin-settings.php:59

actionsjea_menu_welcome_actionclasses\class-sj-ea-admin-settings.php:62

actionsjea_menu_connection_actionclasses\class-sj-ea-admin-settings.php:63

actionadmin_initclasses\class-sj-ea-ajax.php:36

actionelementor/initclasses\class-sj-ea-helper.php:13

actionadmin_headclasses\class-sj-ea-helper.php:14

actionwp_headclasses\class-sj-ea-helper.php:15

actionelementor/frontend/after_enqueue_stylesclasses\class-sj-ea-helper.php:16

actionelementor/editor/after_enqueue_stylesclasses\class-sj-ea-helper.php:17

actionelementor/frontend/before_enqueue_scriptsclasses\class-sj-ea-helper.php:18

actionadmin_noticesclasses\class-sj-ea-loader.php:21

actionnetwork_admin_noticesclasses\class-sj-ea-loader.php:22

actionelementor/widgets/widgets_registeredclasses\class-sj-ea-model.php:18

actionelementor/element/parse_cssclasses\class-sj-ea-module-scripts.php:15

actionwp_enqueue_scriptsclasses\class-sj-ea-module-scripts.php:16

Maintenance & Trust

SJ Elementor Addon Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.32

Last updatedApr 10, 2017

PHP min version

Downloads16K

Community Trust

Rating100/100

Number of ratings5

Active installs100

Alternatives

SJ Elementor Addon Alternatives

Move Addons for Elementor

move-addons

Move Addons is a WordPress plugin for Elementor page builder, is a powerful tool that helps you to make almost every possible customization to your we …

3K 8 CVEs

Creative Addons for Elementor

creative-addons-for-elementor

100

Write articles and documents faster and more easily using our powerful and practical Elementor widgets.

900 1 CVE

Vertex Addons for Elementor

addons-for-elementor-builder

Enhance Elementor with Vertex Addons — fast, lightweight widgets & extensions to build stunning sites without code. Perfect for pros & agencies.

400 2 CVEs

SJ Cornerstone Addon

sj-cornerstone-addon

SJ Cornerstone Addon is Cornerstone Page Builder's Addon Pack. Quickly add SVG separator withing your row or column. Just Drag, Drop and Enjoy.

400 No CVEs

Free WooCommerce Theme 99fy Extension

99fy-core

Elementor Addon Pack For 99fy - Free WooCommerce Theme

100 2 CVEs

Developer Profile

SJ Elementor Addon Developer Profile

Sandesh

6 plugins · 740 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect SJ Elementor Addon

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/sj-elementor-addon/admin/assets/sjea-admin-settings.css/wp-content/plugins/sj-elementor-addon/admin/assets/sjea-admin-settings.js/wp-content/plugins/sj-elementor-addon/admin/assets/sjea-services.js

Script Paths

/wp-content/plugins/sj-elementor-addon/admin/assets/sjea-admin-settings.js/wp-content/plugins/sj-elementor-addon/admin/assets/sjea-services.js

Version Parameters

sj-elementor-addon/admin/assets/sjea-admin-settings.css?ver=sj-elementor-addon/admin/assets/sjea-admin-settings.js?ver=sj-elementor-addon/admin/assets/sjea-services.js?ver=

HTML / DOM Fingerprints

CSS Classes

sjea-menu-pagesjea-titlesjea-separatornav-tab-active

JS Globals

SJ_EA_URLSJ_EA_VERSION

FAQ