5 matches found
WordPress WPBakery Page Builder plugin <= 8.4.1 - Authenticated (Author+) Stored Cross-Site Scripting via Grid Builder vulnerability
Authenticated Author+ Stored Cross-Site Scripting via Grid Builder vulnerability discovered by zer0gh0st in WordPress Plugin WPBakery Page Builder versions = 8.4.1...
CVE-2025-4965
creationtimestamp| type| source ---|---|--- 2025-06-19 07:41:39+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18841 2025-06-19 09:38:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrxa2s24y32r 2025-06-19 11:39:09+00:00| seen|...
CVE-2025-4965
The WPBakery Page Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Grid Builder feature in all versions up to, and including, 8.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...
CVE-2025-4965 WPBakery Page Builder <= 8.4.1 - Authenticated (Author+) Stored Cross-Site Scripting via Grid Builder
The WPBakery Page Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Grid Builder feature in all versions up to, and including, 8.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...
CVE-2025-4965
CVE-2025-4965 (WPBakery Page Builder for WordPress) is a stored XSS vulnerability in the Grid Builder of WPBakery Page Builder, affecting all versions up to 8.4.1. The root cause is insufficient input sanitization and output escaping on user-supplied attributes, enabling an authenticated attacker...