9 matches found
PT-2026-4429
Name of the Vulnerable Software and Affected Versions Livemesh Addons for WPBakery Page Builder versions through 3.9.4 Description The software contains a flaw related to improper input handling during web page creation, which can lead to Stored Cross-site Scripting XSS. This means that malicious...
builder-addon-pca (>=0.0.1 <=0.0.3), configparser-crypt (>=0.6.2 <=1.1.0) +5 more potentially affected by CVE-2025-63675 via cryptidy (=1.2.4)
cryptidy PYPI version =1.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on cryptidy and may be impacted: - builder-addon-pca =0.0.1, =0.6.2, =1.4.0, =0.2.0, =2.2.0rc6, =0.9.0, =0.0.4, =1.0.6 Source cves: CVE-2025-63675 Source advisory:...
WordPress plugin ShopEngine Elementor WooCommerce Builder Addon 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...
EUVD-2025-21613
Malicious code in bioql PyPI...
CVE-2025-53564
CVE-2025-53564: LambertGroup HTML5 Radio Player - WPBakery Page Builder Addon (<= 2.5) suffers Reflected XSS due to improper input neutralization during page generation. Affected versions are
CVE-2025-53564 WordPress HTML5 Radio Player - WPBakery Page Builder Addon <= 2.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Radio Player - WPBakery Page Builder Addon lbgradioplayeraddonvisualcomposer allows Reflected XSS.This issue affects HTML5 Radio Player - WPBakery Page Builder Addon: from n/a...
CVE-2025-31070
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in LambertGroup HTML5 Radio Player - WPBakery Page Builder Addon lbg-cleverbakery allows Path Traversal.This issue affects HTML5 Radio Player - WPBakery Page Builder Addon: from n/a through = 2.5...
CVE-2025-39410
CVE-2025-39410 describes a deserialization of untrusted data vulnerability in the WordPress plugin “Smart Sections Theme Builder – WPBakery Page Builder Addon” (versions up to 1.7.8). Public data in the connected documents confirms a PHP Object Injection flaw that affects this addon, with CVSS v3...
CVE-2023-51401
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Relative Path Traversal.This issue affects Ultimate Addons for Beaver Builder: from n/a through 1.35.13...