CVE-2026-2384

The Connected document identifies a concrete vulnerability: WordPress Quiz Maker plugin (WordPress) versions ≤ 6.7.1.7 suffer an Authenticated Stored Cross-Site Scripting (XSS) via Shortcode vulnerability. It was discovered by Muhammad Yudha - DJ. Root cause is a stored XSS via shortcode; impact ...

CVE-2025-62748

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Genetech Products Web and WooCommerce Addons for WPBakery Builder vc-addons-by-bit14 allows DOM-Based XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through = 1.5...

CVE-2025-62748

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Genetech Products Web and WooCommerce Addons for WPBakery Builder vc-addons-by-bit14 allows DOM-Based XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through = 1.5...

CVE-2025-62748 WordPress Web and WooCommerce Addons for WPBakery Builder plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Genetech Products Web and WooCommerce Addons for WPBakery Builder allows DOM-Based XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through 1.5...

EUVD-2025-205923

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Genetech Products Web and WooCommerce Addons for WPBakery Builder allows DOM-Based XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through 1.5...

CVE-2025-62748 WordPress Web and WooCommerce Addons for WPBakery Builder plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Genetech Products Web and WooCommerce Addons for WPBakery Builder vc-addons-by-bit14 allows DOM-Based XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through = 1.5...

WordPress Web and WooCommerce Addons for WPBakery Builder plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Web and WooCommerce Addons for WPBakery Builder versions = 1.5...

WordPress plugin Web and WooCommerce Addons for WPBakery Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-sit...

CVE-2025-11160

The CVE CVE-2025-11160 applies to the WPBakery Page Builder (WordPress) and is a stored XSS via the Custom JS module in all versions up to 8.6.1. The vulnerability arises from insufficient input sanitization and output escaping of user-supplied JavaScript, enabling authenticated users with contri...

EUVD-2024-40609

Malicious code in bioql PyPI...

CVE-2024-43960

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Page Builder Addons Web and WooCommerce Addons for WPBakery Builder allows Stored XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through 1.4.6...

CVE-2024-43960

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Page Builder Addons Web and WooCommerce Addons for WPBakery Builder allows Stored XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through 1.4.6...

CVE-2024-43960

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Page Builder Addons Web and WooCommerce Addons for WPBakery Builder allows Stored XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through 1.4.6...

CVE-2024-43960 WordPress Web and WooCommerce Addons for WPBakery Builder plugin <= 1.4.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Page Builder Addons Web and WooCommerce Addons for WPBakery Builder allows Stored XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through 1.4.6...

CVE-2024-43960

CVE-2024-43960: Stored XSS in Web and WooCommerce Addons for WPBakery Builder (WPBakery Page Builder) due to improper input neutralization. Affected: Web and WooCommerce Addons for WPBakery Builder, versions n/a–1.4.6. Impact: stored cross-site scripting; specifics on exploit vectors and patch st...

PT-2024-30822 · Unknown · Page Builder Addons Web +1

Name of the Vulnerable Software and Affected Versions: Page Builder Addons Web and WooCommerce Addons for WPBakery Builder versions 1.4.6 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which...

WordPress Web and WooCommerce Addons for WPBakery Builder plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin Web and WooCommerce Addons for WPBakery Builder versions = 1.5...

WordPress Web and WooCommerce Addons for WPBakery Builder Plugin <= 1.4.7 is vulnerable to Cross Site Scripting (XSS)

Software Web and WooCommerce Addons for WPBakery Builder Type Plugin Vulnerable versions = 1.4.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43960 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c3f6a64bbac8 Credits 4rCanJ0x...

PT-2024-37733 · WordPress · Web/Woocommerce Addons For Wpbakery Builder

Name of the Vulnerable Software and Affected Versions: Web and WooCommerce Addons for WPBakery Builder plugin for WordPress versions prior to 1.4.6 Description: The issue allows authenticated attackers with Subscriber-level access and above to modify plugin settings due to a missing capability...