CVE-2026-22390 WordPress Builderall Builder for WordPress plugin <= 3.0.1 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Builderall Builderall Builder for WordPress builderall-cheetah-for-wp allows Code Injection.This issue affects Builderall Builder for WordPress: from n/a through = 3.0.1...

CVE-2026-22390

CVE-2026-22390 affects Builderall Builder for WordPress (plugin: builderall-cheetah-for-wp) up to version 3.0.1 and permits Code Injection/Remote Code Execution. The NVD entry reports a CVSS v3.1 base score of 9.9 (CRITICAL) with Network attack vector, Low attack complexity, Privileges Required: ...

CVE-2025-62987 WordPress Builderall Builder for WordPress plugin <= 3.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Builderall Builderall Builder for WordPress builderall-cheetah-for-wp allows Stored XSS.This issue affects Builderall Builder for WordPress: from n/a through = 3.0.1...

WordPress Builderall Builder for WordPress plugin <= 2.0.1 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Builderall Builder for WordPress versions = 2.0.1...