Lucene search
+L

698 matches found

cnnvd
cnnvd
added 2025/12/31 12:0 a.m.5 views

WordPress plugin Web and WooCommerce Addons for WPBakery Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-sit...

6.5CVSS5.9AI score0.00173EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/12/31 12:0 a.m.8 views

PT-2025-54452

Name of the Vulnerable Software and Affected Versions Merkulove Worker for WPBakery versions through 1.1.1 Description The software contains a missing authorization issue stemming from incorrectly configured access control security levels. This allows for potential exploitation. Recommendations...

5.4CVSS6.5AI score0.00173EPSS
Exploits0References7
patchstack
patchstack
added 2025/12/31 12:0 a.m.9 views

WordPress Extensive VC Addons for WPBakery page builder plugin <= 1.9.1 - Unauthenticated Local File Inclusion via 'shortcode_name' Parameter vulnerability

Unauthenticated Local File Inclusion via 'shortcodename' Parameter vulnerability discovered by Naoya Takahashi nakko in WordPress Plugin Extensive VC Addons for WPBakery page builder versions = 1.9.1...

8.1CVSS5.4AI score0.00542EPSS
Exploits0References1Affected Software1
euvd
euvd
added 2025/12/30 12:32 a.m.3 views

EUVD-2023-36495

Vulnerability in CodexThemes TheGem Elementor, CodexThemes TheGem WPBakery.This issue affects TheGem Elementor: from n/a before 5.8.1.1; TheGem WPBakery: from n/a before 5.8.1.1...

5.4CVSS6.4AI score0.00167EPSS
Exploits0References2
nvd
nvd
added 2025/12/30 12:15 a.m.3 views

CVE-2023-32238

Vulnerability in CodexThemes TheGem Elementor, CodexThemes TheGem WPBakery.This issue affects TheGem Elementor: from n/a before 5.8.1.1; TheGem WPBakery: from n/a before 5.8.1.1...

5.4CVSS0.00167EPSS
Exploits0References1
cve
cve
added 2025/12/29 11:18 p.m.20 views

CVE-2023-32238

CVE-2023-32238 affects CodexThemes TheGem (Elementor) and TheGem (WPBakery). Affected versions: TheGem for Elementor and TheGem for WPBakery prior to 5.8.1.1. Root cause: broken access control / missing authorization leading to elevation of privilege according to Patchstack, with a CVSS v3.1 base...

5.4CVSS8.7AI score0.00167EPSS
Exploits0References1
cvelist
cvelist
added 2025/12/29 11:18 p.m.26 views

CVE-2023-32238 WordPress TheGem theme < 5.8.1.1 - Broken Access Control vulnerability

Vulnerability in CodexThemes TheGem Elementor, CodexThemes TheGem WPBakery.This issue affects TheGem Elementor: from n/a before 5.8.1.1; TheGem WPBakery: from n/a before 5.8.1.1...

5.4CVSS0.00167EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/12/29 11:18 p.m.1 views

CVE-2023-32238 WordPress TheGem theme < 5.8.1.1 - Broken Access Control vulnerability

Vulnerability in CodexThemes TheGem Elementor, CodexThemes TheGem WPBakery.This issue affects TheGem Elementor: from n/a before 5.8.1.1; TheGem WPBakery: from n/a before 5.8.1.1...

5.4CVSS6.5AI score0.00167EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/12/29 12:0 a.m.6 views

PT-2025-53808

Name of the Vulnerable Software and Affected Versions CodexThemes TheGem Elementor versions prior to 5.8.1.1 CodexThemes TheGem WPBakery versions prior to 5.8.1.1 Description A security issue exists in CodexThemes TheGem with both the Elementor and WPBakery page builder integrations. The...

5.4CVSS6.5AI score0.00167EPSS
Exploits0References4
redhatcve
redhatcve
added 2025/12/25 1:23 p.m.5 views

CVE-2025-68532

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in modeltheme ModelTheme Addons for WPBakery and Elementor modeltheme-addons-for-wpbakery allows Stored XSS.This issue affects ModelTheme Addons for WPBakery and Elementor: from n/a through 1.5.6...

6.5CVSS6AI score0.00139EPSS
Exploits0References1
euvd
euvd
added 2025/12/24 3:30 p.m.6 views

EUVD-2025-205191

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in modeltheme ModelTheme Addons for WPBakery and Elementor modeltheme-addons-for-wpbakery allows Stored XSS.This issue affects ModelTheme Addons for WPBakery and Elementor: from n/a through 1.5.6...

5.4CVSS5.5AI score0.00139EPSS
Exploits0References2
nvd
nvd
added 2025/12/24 1:16 p.m.9 views

CVE-2025-68532

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in modeltheme ModelTheme Addons for WPBakery and Elementor modeltheme-addons-for-wpbakery allows Stored XSS.This issue affects ModelTheme Addons for WPBakery and Elementor: from n/a through 1.5.6...

6.5CVSS0.00139EPSS
Exploits0References1
cvelist
cvelist
added 2025/12/24 1:10 p.m.31 views

CVE-2025-68574 WordPress WPBakery Visual Composer WHMCS Elements plugin <= 1.0.4.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in voidcoders WPBakery Visual Composer WHMCS Elements void-visual-whmcs-element allows DOM-Based XSS.This issue affects WPBakery Visual Composer WHMCS Elements: from n/a through = 1.0.4.3...

5.9CVSS0.00172EPSS
Exploits0References1
cve
cve
added 2025/12/24 12:31 p.m.17 views

CVE-2025-68532

CVE-2025-68532 relates to a Stored Cross-Site Scripting vulnerability in ModelTheme Addons for WPBakery and Elementor (modeltheme-addons-for-wpbakery). The issue arises from improper input neutralization during web page generation, allowing stored script execution via the affected plugin. Affecte...

6.5CVSS5.6AI score0.00139EPSS
Exploits0References1
cvelist
cvelist
added 2025/12/24 12:31 p.m.32 views

CVE-2025-68532 WordPress ModelTheme Addons for WPBakery and Elementor plugin < 1.5.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in modeltheme ModelTheme Addons for WPBakery and Elementor modeltheme-addons-for-wpbakery allows Stored XSS.This issue affects ModelTheme Addons for WPBakery and Elementor: from n/a through 1.5.6...

6.5CVSS0.00139EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/12/24 12:0 a.m.6 views

WordPress plugin ModelTheme Addons for WPBakery and Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

6.5CVSS5.9AI score0.00139EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/12/24 12:0 a.m.10 views

PT-2025-53096

Name of the Vulnerable Software and Affected Versions ModelTheme Addons for WPBakery and Elementor versions prior to 1.5.6 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Cross-site Scripting issue. This could...

5.4CVSS6.3AI score0.00139EPSS
Exploits0References4
euvd
euvd
added 2025/12/21 3:31 a.m.5 views

EUVD-2025-204650

The WC Builder – WooCommerce Page Builder for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'headingcolor' parameter and multiple other styling parameters of the wpbforwpbakeryproductadditionalinformation shortcode in all versions up to, and including, 1.2.0 d...

4.4CVSS4.6AI score0.00199EPSS
Exploits0References6
cvelist
cvelist
added 2025/12/21 2:20 a.m.22 views

CVE-2025-14054 WC Builder <= 1.2.0 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via 'heading_color' Shortcode Attribute

The WC Builder – WooCommerce Page Builder for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'headingcolor' parameter and multiple other styling parameters of the wpbforwpbakeryproductadditionalinformation shortcode in all versions up to, and including, 1.2.0 d...

4.4CVSS0.00199EPSS
Exploits0References4
redhatcve
redhatcve
added 2025/12/17 10:2 a.m.4 views

CVE-2025-66165

Missing Authorization vulnerability in merkulove Lottier for WPBakery lottier-wpbakery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lottier for WPBakery: from n/a through = 1.1.7...

5.4CVSS7AI score0.00174EPSS
Exploits0References1
Rows per page
Query Builder