Does Visibility Logic for Elementor have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Visibility Logic for Elementor compatible with WordPress 6.9.4?

According to WordPress.org data, Visibility Logic for Elementor 2.5.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Visibility Logic for Elementor compatible with PHP 7.4+?

Visibility Logic for Elementor requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Visibility Logic for Elementor updated?

Visibility Logic for Elementor was last updated on Feb 23, 2026. Frequent updates are generally a positive security signal.

What is Visibility Logic for Elementor's security score?

Visibility Logic for Elementor has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Visibility Logic for Elementor Security & Risk Analysis

wordpress.org/plugins/visibility-logic-elementor

Conditional visibility for Elementor — show or hide widgets based on user role, ACF fields, device type, date & time, browser and more.

30K active installs v2.5.0 PHP 7.4+ WP 5.0+ Updated Feb 23, 2026

conditional-logicdynamic-visibilityelementorrestrict-contentvisibility

A · Safe

CVEs total3

Unpatched0

Last CVEJul 5, 2023

Plugin page Download

Safety Verdict

Is Visibility Logic for Elementor Safe to Use in 2026?

Generally Safe

Score 99/100

Visibility Logic for Elementor has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

3 known CVEsLast CVE: Jul 5, 2023Updated 2mo ago

Risk Assessment

The visibility-logic-elementor plugin exhibits a generally good security posture, with a clean static analysis report showing no immediately apparent critical code vulnerabilities. The absence of unprotected AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the attack surface. Furthermore, the use of prepared statements for SQL queries and a good percentage of properly escaped outputs are positive indicators. The presence of nonce and capability checks, though not exhaustive, demonstrates an awareness of security best practices.

However, the plugin's history of three medium-severity vulnerabilities, specifically related to Missing Authorization and Cross-Site Request Forgery (CSRF), is a notable concern. While these are currently patched, they indicate a recurring pattern of weaknesses in authorization and input validation that attackers could potentially exploit in future versions if not meticulously addressed. The presence of an outdated bundled library, Select2 v3.5.4, also presents a potential risk, as older versions may contain known vulnerabilities that could be leveraged.

Key Concerns

Past medium severity vulnerabilities (3)
Bundled outdated library (Select2 v3.5.4)

Vulnerabilities

3 published

Visibility Logic for Elementor Security Vulnerabilities

CVEs by Year

1 CVE in 2022

2022

2 CVEs in 2023

2023

Patched Has unpatched

Severity Breakdown

Medium

3 total CVEs

WF-72c04de6-78d2-4a45-834a-01ed879b528f-visibility-logic-elementormedium · 4.3Missing Authorization

Visibility Logic for Elementor <= 2.3.4 - Missing Authorization via admin_post 'toggle_option'

Jul 5, 2023 Patched in 2.3.5 (202d)

CVE-2022-47169medium · 4.3Cross-Site Request Forgery (CSRF)

Visibility Logic for Elementor <= 2.3.4 - Cross-Site Request Forgery via toggle_option

Jul 5, 2023 Patched in 2.3.5 (202d)

WF-84003388-c47c-41db-8d2d-4643aa375a89-visibility-logic-elementormedium · 4.3Missing Authorization

Appsero <= 1.2.1 - Missing Authorization

Dec 16, 2022 Patched in 2.3.4 (699d)

Version History

Visibility Logic for Elementor Release Timeline

v2.5.0Current

v2.4.0

v2.3.9

v2.3.7

v2.3.6

v2.3.5.1

v2.3.5

v2.3.42 CVEs

WF-72c04de6-78d2-4a45-834a-01ed879b528f-visibility-logic-elementor CVE-2022-47169

v2.3.33 CVEs

WF-72c04de6-78d2-4a45-834a-01ed879b528f-visibility-logic-elementor WF-84003388-c47c-41db-8d2d-4643aa375a89-visibility-logic-elementor CVE-2022-47169

v2.3.23 CVEs

WF-72c04de6-78d2-4a45-834a-01ed879b528f-visibility-logic-elementor WF-84003388-c47c-41db-8d2d-4643aa375a89-visibility-logic-elementor CVE-2022-47169

v2.3.13 CVEs

WF-72c04de6-78d2-4a45-834a-01ed879b528f-visibility-logic-elementor WF-84003388-c47c-41db-8d2d-4643aa375a89-visibility-logic-elementor CVE-2022-47169

v2.3.03 CVEs

WF-72c04de6-78d2-4a45-834a-01ed879b528f-visibility-logic-elementor WF-84003388-c47c-41db-8d2d-4643aa375a89-visibility-logic-elementor CVE-2022-47169

v2.2.93 CVEs

WF-72c04de6-78d2-4a45-834a-01ed879b528f-visibility-logic-elementor WF-84003388-c47c-41db-8d2d-4643aa375a89-visibility-logic-elementor CVE-2022-47169

v2.2.83 CVEs

WF-72c04de6-78d2-4a45-834a-01ed879b528f-visibility-logic-elementor WF-84003388-c47c-41db-8d2d-4643aa375a89-visibility-logic-elementor CVE-2022-47169

v2.2.73 CVEs

WF-72c04de6-78d2-4a45-834a-01ed879b528f-visibility-logic-elementor WF-84003388-c47c-41db-8d2d-4643aa375a89-visibility-logic-elementor CVE-2022-47169

v2.2.63 CVEs

WF-72c04de6-78d2-4a45-834a-01ed879b528f-visibility-logic-elementor WF-84003388-c47c-41db-8d2d-4643aa375a89-visibility-logic-elementor CVE-2022-47169

v2.2.53 CVEs

WF-72c04de6-78d2-4a45-834a-01ed879b528f-visibility-logic-elementor WF-84003388-c47c-41db-8d2d-4643aa375a89-visibility-logic-elementor CVE-2022-47169

v2.2.43 CVEs

WF-72c04de6-78d2-4a45-834a-01ed879b528f-visibility-logic-elementor WF-84003388-c47c-41db-8d2d-4643aa375a89-visibility-logic-elementor CVE-2022-47169

v2.2.33 CVEs

WF-72c04de6-78d2-4a45-834a-01ed879b528f-visibility-logic-elementor WF-84003388-c47c-41db-8d2d-4643aa375a89-visibility-logic-elementor CVE-2022-47169

v2.2.23 CVEs

WF-72c04de6-78d2-4a45-834a-01ed879b528f-visibility-logic-elementor WF-84003388-c47c-41db-8d2d-4643aa375a89-visibility-logic-elementor CVE-2022-47169

Code Analysis

Analyzed Mar 16, 2026

Visibility Logic for Elementor Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

31 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select23.5.4

SQL Query Safety

100% prepared1 total queries

Output Escaping

76% escaped41 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

1 flows

<layout> (core\admin\layout.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Visibility Logic for Elementor Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 34

actioninitconditional.php:51

actioninitconditional.php:72

actionadmin_post_stax_visibility_options_activationcore\admin\pages\Options.php:24

actionadmin_menucore\admin\Settings.php:36

actionadmin_menucore\admin\Settings.php:37

filteradmin_body_classcore\admin\Settings.php:38

actionadmin_enqueue_scriptscore\admin\Settings.php:39

actionelementor/ajax/register_actionscore\helpers\modules\QueryControl.php:38

actionadmin_noticescore\Plugin.php:38

actionadmin_noticescore\Plugin.php:47

actionelementor/initcore\Plugin.php:57

actionelementor/initcore\Plugin.php:58

filterelementor/widget/render_contentcore\Plugin.php:60

filterelementor/frontend/section/before_rendercore\Plugin.php:61

filterelementor/frontend/container/before_rendercore\Plugin.php:62

filterelementor/frontend/section/should_rendercore\Plugin.php:64

filterelementor/frontend/container/should_rendercore\Plugin.php:65

filterelementor/frontend/widget/should_rendercore\Plugin.php:66

filterelementor/frontend/repeater/should_rendercore\Plugin.php:67

actionelementor/frontend/before_get_builder_contentcore\Plugin.php:69

actionelementor/frontend/get_builder_contentcore\Plugin.php:70

actionwp_footercore\Plugin.php:72

actioninitcore\Plugin.php:74

actionelementor/controls/registercore\Plugin.php:107

actionelementor/editor/before_enqueue_scriptscore\Plugin.php:110

actionelementor/editor/after_enqueue_scriptscore\Plugin.php:111

filterget_post_metadatacore\Plugin.php:545

filterstax/visibility/apply_conditionscore\settings\AcfVisibility.php:24

filterstax/visibility/apply_conditionscore\settings\BrowserTypeVisiblity.php:36

filterstax/visibility/apply_conditionscore\settings\DateTimeVisibility.php:36

filterstax/visibility/apply_conditionscore\settings\DeviceTypeVisibility.php:24

filterstax/visibility/apply_conditionscore\settings\UserMetaVisibility.php:25

filterstax/visibility/apply_conditionscore\settings\UserRoleVisibility.php:24

actionadmin_noticescore\Upgrades.php:59

Maintenance & Trust

Visibility Logic for Elementor Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 23, 2026

PHP min version7.4

Downloads545K

Community Trust

Rating96/100

Number of ratings57

Active installs30K

Alternatives

Visibility Logic for Elementor Alternatives

Conditional Fields for Elementor Form – Apply Conditional Logic

conditional-fields-for-elementor-form

100

Add conditional fields to Elementor forms and apply if-else conditional logic to show or hide Elementor form widget fields via dynamic rules.

10K No CVEs

Conditional Logic Emails, Fields, Redirect for Elementor Forms

conditional-logic-for-elementor-forms

100

Show and hide fields. Send certain email, don't send others. Redirect to one of many pages. The possibilities are endless!

1K No CVEs

Content Locker for Elementor

content-locker-for-elementor

Protect content on your membership website to logged in/out users or specific user roles. Content Locker for Elementor will give you full control over …

30 1 CVE

Membership Visibility Control for Elementor (PMPro) – by Shakib

membership-visibility-for-elementor-pmpro-shakib

100

Adds PMPro-based conditional visibility to Elementor widgets. Unofficial plugin by Shakib Shown.

20 No CVEs

Adaptive Audience Display – Role & Login-Based Visibility for Elementor

adaptive-audience-display

100

Adds login-based visibility controls to Elementor widgets, containers, and sections.

0 No CVEs

Developer Profile

Visibility Logic for Elementor Developer Profile

StaxWP

5 plugins · 32K total installs

trust score

Avg Security Score

92/100

Avg Patch Time

381 days

View full developer profile

Detection Fingerprints

How We Detect Visibility Logic for Elementor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/visibility-logic-elementor/assets/css/admin.css/wp-content/plugins/visibility-logic-elementor/assets/js/admin.js

Version Parameters

visibility-logic-elementor/assets/css/admin.css?ver=visibility-logic-elementor/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

stax-visibility-admin-page

Data Attributes

data-elementor-settings

JS Globals

elementorFrontend

FAQ

Visibility Logic for Elementor Security & Risk Analysis

Is Visibility Logic for Elementor Safe to Use in 2026?

Generally Safe

Key Concerns

Visibility Logic for Elementor Security Vulnerabilities

CVEs by Year

Severity Breakdown

Visibility Logic for Elementor Release Timeline

Visibility Logic for Elementor Code Analysis

Bundled Libraries

SQL Query Safety

Output Escaping

Data Flow Analysis

Visibility Logic for Elementor Attack Surface

Visibility Logic for Elementor Maintenance & Trust

Maintenance Signals

Community Trust

Visibility Logic for Elementor Alternatives

Conditional Fields for Elementor Form – Apply Conditional Logic

Conditional Logic Emails, Fields, Redirect for Elementor Forms

Content Locker for Elementor

Membership Visibility Control for Elementor (PMPro) – by Shakib

Adaptive Audience Display – Role & Login-Based Visibility for Elementor

Visibility Logic for Elementor Developer Profile

How We Detect Visibility Logic for Elementor

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Visibility Logic for Elementor