230 matches found
Malicious code in wm-visual-composer-types (npm)
The package wm-visual-composer-types was found to contain malicious code...
MAL-2025-39378 Malicious code in wm-visual-composer-types (npm)
The package wm-visual-composer-types was found to contain malicious code...
CVE-2025-55709 WordPress Visual Composer Website Builder Plugin < 45.15.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Visual Composer Visual Composer Website Builder visualcomposer allows Stored XSS.This issue affects Visual Composer Website Builder: from n/a through 45.15.0...
CVE-2025-55709
CVE-2025-55709 is a storage XSS flaw in the Visual Composer Website Builder plugin. The vulnerability arises from improper input neutralization during web page generation, enabling stored XSS in the affected plugin. Evidence from multiple sources indicates the vulnerability affects the Visual Com...
CVE-2025-55709 WordPress Visual Composer Website Builder Plugin < 45.15.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Visual Composer Visual Composer Website Builder allows Stored XSS. This issue affects Visual Composer Website Builder: from n/a through n/a...
WordPress Visual Composer Website Builder Plugin < 45.15.0 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Visual Composer Website Builder versions 45.15.0...
WordPress plugin Visual Composer Website Builder 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2025-33397 · WordPress · Visual Composer Website Builder
Name of the Vulnerable Software and Affected Versions: Visual Composer Website Builder affected versions not specified Description: Improper neutralization of input during web page generation allows for Stored Cross-site Scripting XSS. Recommendations: At the moment, there is no information about...
SAP NetWeaver Visual Composer Metadata Uploader Installed
Binary data sapnwmduinstalled.nbin...
SAP NetWeaver Visual Composer Directory Traversal Vulnerability
SAP NetWeaver Visual Composer is a graphical modeling environment in the SAP NetWeaver platform for rapid development and deployment of composite applications. A directory traversal vulnerability exists in SAP NetWeaver Visual Composer, which stems from insufficient input path validation, and can...
The vulnerability in the web-based software modeling tool, Visual Composer, of the SAP NetWeaver software integration platform allows a hacker to gain access to and modify data.
The vulnerability of the Visual Composer web tool, a software modeling tool within the SAP NetWeaver integration platform, is related to an incorrect restriction on the path to the restricted access catalog. Exploiting this vulnerability could allow an attacker to gain read and modify access to...
SAP Netweaver Visual Composer Multiple Vulnerabilities (June 2025)
SAP NetWeaver Visual Composer is affected by a directory traversal vulnerability caused by insufficient validation of input paths provided by a high-privileged user. This allows an attacker to read or modify arbitrary files, resulting in a high impact on confidentiality and a low impact on...
CVE-2025-42977
SAP NetWeaver Visual Composer contains a Directory Traversal vulnerability caused by insufficient validation of input paths provided by a high-privileged user. This allows an attacker to read or modify arbitrary files, resulting in a high impact on confidentiality and a low impact on integrity...
CVE-2025-42977
CVE-2025-42977 concerns SAP NetWeaver Visual Composer and is a directory-traversal vulnerability caused by insufficient validation of input paths provided by a high-privileged user. The affected component is the SAP NetWeaver Visual Composer environment; the underlying issue is improper input pat...
CVE-2025-42977 Directory Traversal vulnerability in SAP NetWeaver Visual Composer
SAP NetWeaver Visual Composer contains a Directory Traversal vulnerability caused by insufficient validation of input paths provided by a high-privileged user. This allows an attacker to read or modify arbitrary files, resulting in a high impact on confidentiality and a low impact on integrity...
SAP NetWeaver Visual Composer 路径遍历漏洞
SAP NetWeaver Visual Composer is a graphical modeling environment in the SAP NetWeaver platform for rapid development and deployment of composite applications. A directory traversal vulnerability exists in SAP NetWeaver Visual Composer, which stems from insufficient input path validation, and can...
PT-2025-24585 · Sap · Sap Netweaver Visual Composer
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Visual Composer affected versions not specified Description: The issue is caused by insufficient validation of input paths provided by a high-privileged user, allowing an attacker to read or modify arbitrary files. This results ...
CVE-2024-43263
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Visual Composer Visual Composer Starter allows Stored XSS.This issue affects Visual Composer Starter: from n/a through 3.3...
CVE-2024-27997
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Visual Composer Visual Composer Website Builder visualcomposer.This issue affects Visual Composer Website Builder: from n/a through = 45.6.0...
CVE-2024-35653
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Visual Composer Visual Composer Website Builder visualcomposer.This issue affects Visual Composer Website Builder: from n/a through = 45.8.0...