WordPress plugin ShopBuilder – Elementor WooCommerce Builder Addons 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application add-on. There is a...

CVE-2025-13456

The ShopBuilder WordPress plugin before 3.2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2025-13456

The ShopBuilder WordPress plugin before 3.2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

EUVD-2026-0705

The ShopBuilder WordPress plugin before 3.2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2025-13456

CVE-2025-13456 concerns the ShopBuilder WordPress plugin prior to 3.2.2. The vulnerability is a reflected XSS caused by insufficient sanitization/escaping of a parameter before output on the page, potentially affecting admin users. Public sources (NVD/Red Hat/PatchStack/CVE lists) confirm the iss...

CVE-2025-13456 Shopbuilder < 3.2.2 - Reflected XSS

The ShopBuilder WordPress plugin before 3.2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

PT-2026-1052

Name of the Vulnerable Software and Affected Versions ShopBuilder WordPress plugin versions prior to 3.2.2 Description The ShopBuilder WordPress plugin does not properly sanitize and escape a parameter before outputting it, resulting in a Reflected Cross-Site Scripting issue. This could potential...

CVE-2024-34812 WordPress ShopBuilder plugin <= 2.1.8 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in RadiusTheme ShopBuilder – Elementor WooCommerce Builder Addons shopbuilder.This issue affects ShopBuilder – Elementor WooCommerce Builder Addons: from n/a through = 2.1.8...