11984 matches found
CVE-2026-54193
Contributor Arbitrary File Deletion in Fusion Builder = 3.15.4 versions...
CVE-2026-54194
Contributor PHP Object Injection in Fusion Builder = 3.15.4 versions...
CVE-2026-45436
Subscriber Broken Access Control in WPBakery Page Builder = 8.7.2 versions...
CVE-2026-42385
Unauthenticated Cross Site Scripting XSS in Profile Builder Pro = 3.15.0 versions...
CVE-2026-40723
Subscriber Broken Access Control in Bricks Builder = 2.1.4 versions...
EUVD-2026-37715
Contributor Arbitrary File Deletion in Fusion Builder = 3.15.4 versions...
CVE-2026-54193 WordPress Fusion Builder plugin <= 3.15.4 - Arbitrary File Deletion vulnerability
Contributor Arbitrary File Deletion in Fusion Builder = 3.15.4 versions...
EUVD-2026-37610
Subscriber Broken Access Control in WPBakery Page Builder = 8.7.2 versions...
CVE-2026-45436 WordPress WPBakery Page Builder plugin <= 8.7.2 - Broken Access Control vulnerability
Subscriber Broken Access Control in WPBakery Page Builder = 8.7.2 versions...
CVE-2026-45436
CVE-2026-45436 affects WordPress WPBakery Page Builder plugin for WordPress, specifically versions
CVE-2026-42385
The CVE concerns WordPress Profile Builder Pro plugin, versions ≤ 3.15.0, with an Unauthenticated Cross Site Scripting (XSS) vulnerability. The issue affects the plugin’s handling of input in a way that allows an attacker without authentication to inject script resulting in client-side execution....
CVE-2026-42385 WordPress Profile Builder Pro plugin <= 3.15.0 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Profile Builder Pro = 3.15.0 versions...
EUVD-2026-37608
Unauthenticated Cross Site Scripting XSS in Profile Builder Pro = 3.15.0 versions...
EUVD-2026-37592
Subscriber Broken Access Control in Bricks Builder = 2.1.4 versions...
CVE-2026-40723 WordPress Bricks Builder theme <= 2.1.4 - Broken Access Control vulnerability
Subscriber Broken Access Control in Bricks Builder = 2.1.4 versions...
CVE-2026-40723
The advisory describes CVE-2026-40723 as a Broken Access Control issue in the WordPress Bricks Builder theme, affecting versions
WordPress Themify Builder < 7.5.8 - Open Redirect
The Themify Builder WordPress plugin before version 7.5.8 contains an open redirect vulnerability. The plugin does not validate the tbredirectfail parameter before redirecting users to its value, which could allow attackers to redirect users to malicious websites. id: CVE-2024-3032 info: name:...
WP Popup Builder Popup Forms and Marketing Lead Generation <= 1.3.5 - Arbitrary Shortcode Execution
The The WP Popup Builder Popup Forms and Marketing Lead Generation plugin for WordPress is vulnerable to arbitrary shortcode execution via the wpajaxnoprivshortcodeApiAdd AJAX action in all versions up to, and including, 1.3.5. This is due to the software allowing users to execute an action that...
WordPress Fusion Builder <3.6.2 - Server-Side Request Forgery
WordPress Fusion Builder plugin before 3.6.2 is susceptible to server-side request forgery. The plugin does not validate a parameter in its forms, which can be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. An attacker can...
Popup Builder < 4.0.7 - SQL Injection
The Popup Builder WordPress plugin before 4.0.7 does not validate and properly escape the orderby and order parameters before using them in a SQL statement in the admin dashboard, which could allow high privilege users to perform SQL injection. id: CVE-2022-0228 info: name: Popup Builder 4.0.7 -...