Softtemplates For Elementor Security & Risk Analysis

wordpress.org/plugins/softtemplates-for-elementor

SoftTemplates for Elementor is a plugin that allows you to create a header, footer, blog archive, blog page, search page, single page template and sin …

300 active installs · v1.0.8 · PHP 7.0+ · WP 4.7+ · Updated Mar 27, 2022
Tags: archive-builder, elementor, footer-builder, header-builder, single-post-builder
64
C · Use Caution
CVEs total: 1
Unpatched: 1
Last CVE: Nov 28, 2024
Safety Verdict

Is Softtemplates For Elementor Safe to Use in 2026?

Use With Caution

Score 64/100

Softtemplates For Elementor has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE · 1 unpatched · Last CVE: Nov 28, 2024 · Updated 4yr ago
Risk Assessment

The 'softtemplates-for-elementor' plugin v1.0.8 exhibits a mixed security posture. While it demonstrates good practices such as 100% prepared SQL statements and a high percentage of output escaping, several significant concerns are present. The presence of an unprotected AJAX handler significantly broadens the attack surface, potentially allowing unauthenticated users to trigger sensitive actions. The taint analysis revealing two high-severity flows with unsanitized paths indicates potential vulnerabilities where user-supplied data might be processed insecurely, though no critical severity flows were found.

The plugin's vulnerability history is concerning, with one medium-severity Cross-Site Scripting (XSS) vulnerability discovered recently. The fact that this vulnerability is currently unpatched suggests a lack of timely security updates or a delayed response to reported issues, which is a critical indicator of potential ongoing risk. While the plugin has some strengths in its coding practices, the combination of an unprotected entry point, high-severity taint flows, and an unpatched XSS vulnerability points to a moderate to high risk profile for installations using this version.

Key Concerns

  • Unprotected AJAX handler
  • High severity unsanitized taint flows
  • Unpatched CVE (Medium Severity)
  • No nonce checks on AJAX
Vulnerabilities
1

Softtemplates For Elementor Security Vulnerabilities

CVEs by Year

2024: 1 CVE · unpatched

Severity Breakdown

Medium: 1

1 total CVE

CVE-2024-53764 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Softtemplates For Elementor <= 1.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

Nov 28, 2024 · Unpatched
Code Analysis
Analyzed Mar 16, 2026

Softtemplates For Elementor Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 0 (0 prepared)
  • Unescaped Output: 72 (455 escaped)
  • Nonce Checks: 0
  • Capability Checks: 12
  • File Operations: 0
  • External Requests: 5
  • Bundled Libraries: 1

Bundled Libraries

Select2

Output Escaping

86% escaped · 527 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows · 2 with unsanitized paths
attach_handlers (includes\dashboard\base.php:145)
Attack Surface
1 unprotected

Softtemplates For Elementor Attack Surface

Entry Points: 3
Unprotected: 1

AJAX Handlers: 3

  • auth · wp_ajax_soft_template_get_templates · includes\templates\manager.php:49
  • auth · wp_ajax_soft_template_core_clone_template · includes\templates\manager.php:50
  • auth · wp_ajax_elementor_get_template_data · includes\templates\manager.php:56

WordPress Hooks: 67

  • action · admin_enqueue_scripts · framework\interface-builder\cherry-x-interface-builder.php:151
  • action · wp_enqueue_scripts · framework\interface-builder\inc\class-cx-controls-base.php:52
  • action · admin_enqueue_scripts · framework\interface-builder\inc\class-cx-controls-base.php:53
  • action · admin_footer · framework\interface-builder\inc\controls\iconpicker.php:85
  • action · customize_controls_print_footer_scripts · framework\interface-builder\inc\controls\iconpicker.php:86
  • filter · cx_handler_response_data · framework\interface-builder\inc\controls\iconpicker.php:87
  • filter · cx_control/add_repeater_data · framework\interface-builder\inc\controls\iconpicker.php:179
  • action · admin_footer · framework\interface-builder\inc\controls\repeater.php:80
  • action · customize_controls_print_footer_scripts · framework\interface-builder\inc\controls\repeater.php:81
  • filter · cx_control/is_repeater · framework\interface-builder\inc\controls\repeater.php:119
  • action · after_setup_theme · framework\loader.php:83
  • action · after_setup_theme · framework\loader.php:84
  • action · elementor/editor/before_enqueue_scripts · includes\assets.php:35
  • action · elementor/editor/after_enqueue_styles · includes\assets.php:36
  • action · elementor/editor/footer · includes\assets.php:37
  • action · elementor/preview/enqueue_styles · includes\assets.php:38
  • action · wp_enqueue_scripts · includes\assets.php:40
  • action · elementor/frontend/before_enqueue_scripts · includes\assets.php:42
  • action · elementor/frontend/after_register_styles · includes\assets.php:44
  • action · elementor/frontend/after_register_scripts · includes\assets.php:45
  • action · admin_enqueue_scripts · includes\assets.php:49
  • action · admin_footer · includes\assets.php:160
  • action · elementor/init · includes\class-blocks-integration.php:44
  • action · elementor/widgets/widgets_registered · includes\class-blocks-integration.php:46
  • action · elementor/widgets/widgets_registered · includes\class-blocks-integration.php:48
  • filter · soft-template-core/get_location_templates/template_id · includes\compatibility.php:37
  • filter · soft-template-core/get_location_templates/template_id · includes\compatibility.php:42
  • action · elementor/editor/after_save · includes\conditions\manager.php:23
  • action · wp_trash_post · includes\conditions\manager.php:24
  • action · transition_post_status · includes\conditions\manager.php:25
  • action · admin_enqueue_scripts · includes\dashboard\base.php:46
  • action · admin_menu · includes\dashboard\manager.php:41
  • action · init · includes\dashboard\manager.php:42
  • action · admin_enqueue_scripts · includes\dashboard\manager.php:43
  • action · elementor/controls/controls_registered · includes\elementor-integration.php:34
  • action · elementor/theme/register_locations · includes\locations.php:24
  • action · wp_enqueue_scripts · includes\locations.php:27
  • action · admin_enqueue_scripts · includes\settings.php:61
  • action · admin_notices · includes\settings.php:62
  • action · elementor/documents/register · includes\structures\manager.php:28
  • action · elementor/dynamic_tags/before_render · includes\structures\manager.php:30
  • action · elementor/dynamic_tags/after_render · includes\structures\manager.php:31
  • action · elementor/ajax/register_actions · includes\templates\manager.php:54
  • filter · soft-template-core/assets/editor/localize · includes\templates\manager.php:62
  • action · init · includes\templates\post-type.php:53
  • action · admin_menu · includes\templates\post-type.php:56
  • filter · post_row_actions · includes\templates\post-type.php:58
  • action · template_include · includes\templates\post-type.php:61
  • action · soft-template-core/blank-page/before-content · includes\templates\post-type.php:62
  • action · soft-template-core/blank-page/after-content · includes\templates\post-type.php:63
  • action · wp_enqueue_scripts · includes\templates\post-type.php:65
  • action · admin_action_softtemplate_create_new_template · includes\templates\post-type.php:69
  • filter · posts_where · includes\utils.php:147
  • filter · uael_nav_menu_attrs · includes\widgets\soft-template-menu.php:2170
  • filter · nav_menu_values · includes\widgets\soft-template-menu.php:2171
  • action · wp · overrides\default-compat.php:21
  • action · get_header · overrides\default-compat.php:39
  • action · get_footer · overrides\default-compat.php:43
  • filter · template_include · overrides\default-compat.php:47
  • filter · template_include · overrides\default-compat.php:51
  • filter · template_include · overrides\default-compat.php:55
  • action · after_setup_theme · soft-template-core.php:106
  • action · init · soft-template-core.php:109
  • action · init · soft-template-core.php:111
  • filter · woocommerce_add_to_cart_fragments · soft-template-core.php:182
  • filter · woocommerce_add_to_cart_fragments · soft-template-core.php:183
  • filter · woocommerce_add_to_cart_fragments · soft-template-core.php:184
Maintenance & Trust

Softtemplates For Elementor Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.9.13
Last updated: Mar 27, 2022
PHP min version: 7.0
Downloads: 3K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 300
Developer Profile

Softtemplates For Elementor Developer Profile

SoftHopper

2 plugins · 400 total installs

Trust score: 69
Avg Security Score: 64/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Softtemplates For Elementor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/softtemplates-for-elementor/framework/cx-ui/assets/css/cx-ui.css
  • /wp-content/plugins/softtemplates-for-elementor/framework/cx-ui/assets/js/cx-ui.js
  • /wp-content/plugins/softtemplates-for-elementor/framework/interface-builder/assets/css/interface-builder.css
  • /wp-content/plugins/softtemplates-for-elementor/framework/interface-builder/assets/js/interface-builder.js
  • /wp-content/plugins/softtemplates-for-elementor/assets/css/admin.css
  • /wp-content/plugins/softtemplates-for-elementor/assets/js/admin.js
  • /wp-content/plugins/softtemplates-for-elementor/assets/css/frontend.css
  • /wp-content/plugins/softtemplates-for-elementor/assets/js/frontend.js
  • +2 more

Script Paths

  • /wp-content/plugins/softtemplates-for-elementor/framework/cx-ui/assets/js/cx-ui.js
  • /wp-content/plugins/softtemplates-for-elementor/framework/interface-builder/assets/js/interface-builder.js
  • /wp-content/plugins/softtemplates-for-elementor/assets/js/admin.js
  • /wp-content/plugins/softtemplates-for-elementor/assets/js/frontend.js
  • /wp-content/plugins/softtemplates-for-elementor/includes/templates/assets/js/templates.js

Version Parameters

  • softtemplates-for-elementor/framework/cx-ui/assets/css/cx-ui.css?ver=
  • softtemplates-for-elementor/framework/cx-ui/assets/js/cx-ui.js?ver=
  • softtemplates-for-elementor/framework/interface-builder/assets/css/interface-builder.css?ver=
  • softtemplates-for-elementor/framework/interface-builder/assets/js/interface-builder.js?ver=
  • softtemplates-for-elementor/assets/css/admin.css?ver=
  • softtemplates-for-elementor/assets/js/admin.js?ver=
  • softtemplates-for-elementor/assets/css/frontend.css?ver=
  • softtemplates-for-elementor/assets/js/frontend.js?ver=
  • softtemplates-for-elementor/includes/templates/assets/css/templates.css?ver=
  • softtemplates-for-elementor/includes/templates/assets/js/templates.js?ver=

HTML / DOM Fingerprints

CSS Classes

  • cx-ui-wrapper
  • cx-ui-field
  • cx-ui-field-wrap
  • cx-ui-tab-title
  • cx-ui-tabs-wrapper
  • soft-template-core-dashboard-page
  • soft-template-core-template-manager
  • soft-template-core-templates-list-table

HTML Comments

  • SoftTemplates for Elementor Header
  • SoftTemplates for Elementor Footer
  • SoftTemplates for Elementor Single Post Template
  • SoftTemplates for Elementor Archive Page Template

Data Attributes

  • data-cx-ui-control
  • data-cx-ui-field-id
  • data-soft-template-id

JS Globals

  • SoftTemplateCoreAdmin
  • SoftTemplateCoreFrontend
  • SoftTemplateCoreTemplates

REST Endpoints

  • /wp-json/soft-template-core/v1/templates
  • /wp-json/soft-template-core/v1/settings

Shortcode Output

  • [soft_template_header]
  • [soft_template_footer]
  • [soft_template_single_post]
  • [soft_template_archive]