v1.7x-v8x-v9x Element Flow PrestaShop Site Builder for PrestaShop 9 and 8 and 1.7 V2.2.3 (Newest 20.08.2025)

A

Anvar6120

Well-known member
Elite
XNullUser
Joined
Apr 9, 2022
Messages
32
Reaction score
260
Points
53
NullCash
1,454
Element Flow is a professional PrestaShop site builder, with it you can build most PrestaShop site pages on the front-end using the drag & drop interface.

V2.2.3
Auguest 20, 2025

- Fix: The accordion style of a tab on mobile doesn't work.
- Fix: The page background under the page settings isn't saved.
- Tweak: Add a custom ratio setting to the video widget.
- Tweak: Improved compatibility with the easy filter module.

This module is posted for informational purposes only!
If the module meets your needs, please purchase it from the developer!

DEMO
 

Attachments

  • stsitebuilder.zip
    11.2 MB · Views: 16
N

nizaratie

Member
XNullUser
Joined
Dec 23, 2022
Messages
226
Reaction score
0
Points
16
Location
sinegal
NullCash
41
Thank you very much for sharing. Looks nice.
Post automatically merged:

you share not working module :(((((
Post automatically merged:

DON'T DOWNLOAD NOT WORK
Post automatically merged:

it is work have conflict with crative element (y)
 
Last edited:
unique

unique

Well-known member
Diamond
Elite
XNullUser
Joined
Dec 12, 2020
Messages
2,962
Reaction score
492
Points
83
NullCash
950
Thank you very much for sharing this modul
 
A

Anvar6120

Well-known member
Elite
XNullUser
Joined
Apr 9, 2022
Messages
32
Reaction score
260
Points
53
NullCash
1,454
nizaratie said:
Thank you very much for sharing. Looks nice.
Post automatically merged:

you share not working module :(((((
Post automatically merged:

DON'T DOWNLOAD NOT WORK
Post automatically merged:

it is work have conflict with crative element (y)
Click to expand...
Element Flow is also based on Creative Element.
Tip: Remove the old module that uses Creative Element.
 
I

IAN

Member
XNullUser
Joined
Jan 19, 2022
Messages
162
Reaction score
1
Points
18
NullCash
80
Thank you very much for sharing. Looks nice.
 
C

cmrcmr

Well-known member
Master
Diamond
Elite
XNullUser
Joined
Sep 6, 2019
Messages
1,089
Reaction score
1,580
Points
113
NullCash
6,951
Muchas gracias por compartir este modulo :)
 
Y

yog78

Active member
XNullUser
Joined
May 25, 2021
Messages
1,276
Reaction score
8
Points
38
NullCash
3,755
Thank you very much for sharing this module.
 
E

eson

New member
XNullUser
Joined
Aug 26, 2025
Messages
9
Reaction score
0
Points
1
Location
italy
NullCash
4
Anvar6120 said:
Element Flow is a professional PrestaShop site builder, with it you can build most PrestaShop site pages on the front-end using the drag & drop interface.

V2.2.3
Auguest 20, 2025

- Fix: The accordion style of a tab on mobile doesn't work.
- Fix: The page background under the page settings isn't saved.
- Tweak: Add a custom ratio setting to the video widget.
- Tweak: Improved compatibility with the easy filter module.

This module is posted for informational purposes only!
If the module meets your needs, please purchase it from the developer!

DEMO
Click to expand...
very very thanks for your contribute. you are a very friend
 
P

plamcho

Member
XNullUser
Joined
Sep 27, 2020
Messages
206
Reaction score
1
Points
18
NullCash
19
Fantastic module! I'm using it with the Prestashop classic theme and it works perfectly. Thank You.
 
U

upgreydd

New member
XNullUser
Joined
Aug 28, 2025
Messages
4
Reaction score
0
Points
1
Location
Poland
NullCash
46

Security Report – stsitebuilder.zip​


Summary:
The package was analyzed for potential security issues, including obfuscated code, use of dangerous functions, hidden connections to external servers, and repository artifacts. Below are the findings.

1. Obfuscated Code​

  • File: stsitebuilder/libs/elementor/modules/templates/module.php
  • Contains an eval(base64_decode(...)) block.
  • After decoding, it defines a token validation function. No clear evidence of malware, but the obfuscation makes auditing harder and raises a red flag.
PHP: 
function validateToken($key = '', $type = 0) {
    $key = trim($key);
    if (empty($key)) {
        $time = strtotime('+30 minutes');
        // ...
        return Tools::passwdGen(4) . ...;
    } elseif (strlen($key) == 32) {
        switch ($type) {
            case 0:
                // ...
                return true / -1;
            case 1:
                // ...
            case 2:
                // ...
        }
    }
    return false;
}

2. External Connections​

  • File: stsitebuilder/classes/StModuleLicense.php
  • Uses cURL to communicate with remote servers (license and update checks).
  • Current $api_url and $dl_api_url are set to localhost, but the logic is clearly intended to connect to vendor endpoints.
  • Example: references to CURLOPT_REFERER => "https://www.sunnytoo.com" and update/download scripts.

3. External Resources in Front-End​

  • Multiple references to third-party domains:
    • fonts.googleapis.com (Google Fonts)
    • fontawesome.com (icons)
    • youtube.com / youtube-nocookie.com (video widgets)
    • Documentation/help links to elementor.com

4. SVN Repository Artifacts​

  • The archive contains .svn directories with metadata (wc.db, pristine copies, etc.).
  • Example path: other-setting/childtheme/.svn/...
  • These could expose internal code or configuration if deployed without proper restrictions.

5. Use of Dangerous Functions​

  • No usage of exec, system, shell_exec, passthru, proc_open, or remote include/require.
  • No signs of typical webshell patterns (e.g., eval($_POST['...']), base64+gzinflate payloads).

Conclusion​

  • One obfuscated block found (eval(base64_decode(...))).
  • License system with cURL intended to connect externally but nulled/disabled.
  • Third-party resources embedded in front-end.
  • SVN artifacts present in the package.
  • No evidence of direct backdoors or malicious shell commands.
 
You must log in or register to reply here.
Top