5 matches found
WordPress Extensive VC Addons for WPBakery Page Builder 1.9.0 Code Execution
WordPress Extensive VC Addons for WPBakery Page Builder version 1.9.0 suffers from a remote execution vulnerability. Exploit Title: Extensive VC Addons for WPBakery page builder 1.9.1 - Unauthenticated RCE Date: 12 march 2025 Exploit Author: Ravina Vendor Homepage: wprealize Version: 1.9.1 Tested...
Extensive VC Addons for WPBakery page builder 1.9.0 - Remote Code Execution (RCE)
Exploit Title: Extensive VC Addons for WPBakery page builder 1.9.1 - Unauthenticated RCE Date: 12 march 2025 Exploit Author: Ravina Vendor Homepage: wprealize Version: 1.9.1 Tested on: windows, linux CVE ID : CVE-2023-0159 Vulnerability Type: Remote Code Execution...
CVE-2023-0159
creationtimestamp| type| source ---|---|--- 2023-09-11 11:49:08+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/5117 2025-03-20 21:02:04+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lktltkjv732e 2025-07-31 15:00:06+00:00| seen|...
CVE-2023-0159 Extensive VC Addons for WPBakery page builder < 1.9.1 - Unauthenticated RCE
The Extensive VC Addons for WPBakery page builder WordPress plugin before 1.9.1 does not validate a parameter passed to the php extract function when loading templates, allowing an unauthenticated attacker to override the template path to read arbitrary files from the hosts file system. This may ...
CVE-2023-0159
The CVE-2023-0159 entry affects the WordPress plugin Extensive VC Addons for WPBakery page builder (versions prior to 1.9.1). The vulnerability arises from not validating a parameter passed to PHP’s extract function when loading templates, permitting an unauthenticated attacker to override the te...