Elementor: Bug Bounty Program

Elementor is the best WordPress Website Builder, with over 10 million active installs.

  • Points – $4,000 per vulnerability
  • Up to $5,000 maximum reward
  • Safe harbor

New targets and increased rewards! Please read

We hope your testing is going well. Here is an update that should make things a bit more interesting!

We've updated the reward ranges, specially for exceptional (RCE, etc.) submissions that will now receive $5,000.

We've added new Cloud targets. Here's the new scope update:

In order to test Elementor’s Cloud product (elementor.cloud) you should:

  1. Create an Elementor account using your Bugcrowd Ninja email address at - https://my.elementor.com/signup/
  2. Verify your email address - you’ll receive a verification email upon registration
  3. Receive a temporary Cloud subscription at - https://my.elementor.com/checkout-2/?add-to-cart=11505169
  4. Start your ethical research :)
  • It is important to emphasize that we have a daily limitation on sites creation as part of our Bug Bounty program
  • Websites hosted on our Cloud service (*.elementor.cloud) are explicitly out of scope and should not be researched

As always, please see the program brief for the full details around testing. If you have any questions, please reach out to support@bugcrowd.com.

Get out there and lay claim to those bugs!

Mati_bugcrowd
Mati_bugcrowd