Ally

Elementor

Developer

4.1.0

Latest version

500,000

Installations

No date

Last updated

WordPress Plugin

Active VDP

Report vulnerability

Vulnerabilities

Security Policy

Security Contributors

Vulnerability history

0 present

4 patched

1 Mitigation rules

WordPress Ally - Web Accessibility & Usability plugin <= 4.0.3 - Unauthenticated SQL Injection via URL Path vulnerability
<= 4.0.3
Mar 11, 2026
Broken Access Control vulnerability
<= 4.0.2
Feb 19, 2026
Cross-Site Request Forgery to plugin Settings Update vulnerability
<= 3.8.0
Oct 16, 2025
Cross-Site Scripting (XSS) vulnerability
<= 3.1.0
Apr 9, 2025