CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Patchstack•added 2026/03/02 11:36 p.m.•1 views

WordPress Page Builder by SiteOrigin plugin <= 2.33.5 - Authenticated (Contributor+) Local File Inclusion vulnerability

Authenticated Contributor+ Local File Inclusion vulnerability discovered by dragonzenai - AhnLab in WordPress Plugin Page Builder by SiteOrigin versions = 2.33.5...

8.8CVSS5.9AI score0.00181EPSS

Exploits0References1Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-5900

Malicious code in bioql PyPI...

6.4CVSS8.7AI score0.00114EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 9:29 a.m.•1 views

CVE-2024-12240

The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the row label parameter in all versions up to, and including, 2.31.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.8AI score0.0031EPSS

Exploits0References1

NVD•added 2025/03/01 7:15 a.m.•4 views

CVE-2025-1459

The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Embedded VideoPB widget in all versions up to, and including, 2.31.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00114EPSS

Exploits0References2

CVE•added 2025/03/01 6:39 a.m.•64 views

CVE-2025-1459

CVE-2025-1459 describes a stored XSS in the WordPress Page Builder by SiteOrigin plugin. Affected: Page Builder by SiteOrigin (WP plugin) up to version 2.31.4. Root cause: insufficient input sanitization and output escaping in the Embedded Video (PB) widget, enabling authenticated attackers with ...

6.4CVSS5.8AI score0.00114EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2025/03/01 6:39 a.m.•14 views

CVE-2025-1459 Page Builder by SiteOrigin <= 2.31.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS5.8AI score0.00114EPSS

Exploits0References2

Vulnrichment•added 2025/01/14 11:8 a.m.•6 views

CVE-2024-12240 Page Builder by SiteOrigin <= 2.31.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Row Label Parameter

6.4CVSS5.8AI score0.0031EPSS

Exploits0References2

Vulnrichment•added 2024/03/23 2:32 a.m.•10 views

CVE-2024-2202 Page Builder by SiteOrigin <= 2.29.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Legacy Image Widget

The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the legacy Image widget in all versions up to, and including, 2.29.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS7.4AI score0.00126EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by