buildElementor•apiREST APIerrorerrorextensionElementorhourglass_bottomloading-issuewarningvalidation•star_halfUncommon•warningModerate

Elementor: Failed to load Elementor editor due to missing wp_rest nonce

The editor tries to load data through the WordPress REST API. It expects a wp_rest nonce that proves the request comes from a logged‑in user. If the nonce is absent or invalid, the REST request is rejected and the editor never finishes loading.

The nonce is printed in the page header by the wp_api script. When a theme or plugin deregisters that script, the nonce never reaches the page. Caching plugins may serve an old version of the page that contains an expired nonce. Security or firewall plugins may block the wp‑json endpoint or strip the X‑WP‑Nonce header.

When the REST API itself is disabled, WordPress returns a 403 or 404 response. The editor receives no valid nonce and shows a perpetual loading spinner. Mixed HTTP/HTTPS URLs also break the verification because the nonce is tied to the origin.

Corrupted core files that generate or verify nonces produce the same error. Out‑of‑date Elementor or Elementor Pro versions use older nonce handling that newer WordPress releases reject.

Symptoms

[dashicons-warning]

Infinite loading spinner

Editor never leaves the initial loading screen.

[dashicons-warning]

Console error

Browser console shows "Missing wp_rest nonce" or "Invalid nonce".

[dashicons-warning]

Failed REST request

Network tab displays a 403/404/500 response from wp-json endpoints.

[dashicons-warning]

Save warning

Attempting to save a page triggers a warning that changes may not be saved.

Common Causes

REST API blocked

Security, firewall or optimization plugins disable wp-json routes.

Nonce not printed

Theme or plugin deregisters wp_api script, removing the nonce from the header.

Stale cache

Page‑cache or CDN serves an old HTML page with an expired nonce.

Plugin conflict

Add‑ons that modify REST requests strip the X‑WP‑Nonce header.

Mixed URL scheme

Editor loads over HTTPS while REST request uses HTTP, causing verification to fail.

Server security rules

ModSecurity blocks Authorization or X‑WP‑Nonce headers for wp-json calls.

Need this fixed right now?

Don't waste your day debugging. Our experts can Fix your issues in under 2 hours.*

Success Rate

100% Guaranteed

Starting from

$35 /hour

99+

Trusted by Business Owners

“I spent 3 days trying to fix the Elementor loading loop. These guys fixed it in 20 minutes. Lifesavers!”

— Sarah J., Web Designer

Related Issues

Contact Form 7: REST API request failed: 503 Service Unavailable

A 503 Service Unavailable response stops Contact Form 7 from sending data...

apiREST APIerror503descriptioncontact-form-7

Contact Form 7: REST API request failed: 429 Too Many Requests

The form tries to send data through the WordPress REST API. The...

apiREST APIerrorerrorsecurityfirewalldescriptioncontact-form-7settingsserver_configuration

Contact Form 7: REST API request failed: 401 Unauthorized

The form tries to send data via the WordPress REST API. The...

apiREST APIadmin_panel_settingspermissionsdescriptioncontact-form-7lock401

Contact Form 7: File upload error: temporary directory missing

The error appears when Contact Form 7 cannot locate a writable temporary...

codePHPcloud_offupload erroradmin_panel_settingspermissionsdescriptiontemporary filedescriptioncontact-form-7

Contact Form 7: Mail (2) sending failed: PHP mail() function disabled

Contact Form 7 reports a failure for Mail (2) when the PHP...

codePHPerrorerrordescriptioncontact-form-7mailMailsettingsserver_configuration

Contact Form 7: Mail (2) sending failed: SSL certificate verification failed

Contact Form 7 reports a failure when trying to send the secondary...

errorerrorlocksslcodecURLdescriptioncontact-form-7