698 matches found
WordPress plugin Web and WooCommerce Addons for WPBakery Builder 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-sit...
PT-2025-54452
Name of the Vulnerable Software and Affected Versions Merkulove Worker for WPBakery versions through 1.1.1 Description The software contains a missing authorization issue stemming from incorrectly configured access control security levels. This allows for potential exploitation. Recommendations...
WordPress Extensive VC Addons for WPBakery page builder plugin <= 1.9.1 - Unauthenticated Local File Inclusion via 'shortcode_name' Parameter vulnerability
Unauthenticated Local File Inclusion via 'shortcodename' Parameter vulnerability discovered by Naoya Takahashi nakko in WordPress Plugin Extensive VC Addons for WPBakery page builder versions = 1.9.1...
EUVD-2023-36495
Vulnerability in CodexThemes TheGem Elementor, CodexThemes TheGem WPBakery.This issue affects TheGem Elementor: from n/a before 5.8.1.1; TheGem WPBakery: from n/a before 5.8.1.1...
CVE-2023-32238
Vulnerability in CodexThemes TheGem Elementor, CodexThemes TheGem WPBakery.This issue affects TheGem Elementor: from n/a before 5.8.1.1; TheGem WPBakery: from n/a before 5.8.1.1...
CVE-2023-32238
CVE-2023-32238 affects CodexThemes TheGem (Elementor) and TheGem (WPBakery). Affected versions: TheGem for Elementor and TheGem for WPBakery prior to 5.8.1.1. Root cause: broken access control / missing authorization leading to elevation of privilege according to Patchstack, with a CVSS v3.1 base...
CVE-2023-32238 WordPress TheGem theme < 5.8.1.1 - Broken Access Control vulnerability
Vulnerability in CodexThemes TheGem Elementor, CodexThemes TheGem WPBakery.This issue affects TheGem Elementor: from n/a before 5.8.1.1; TheGem WPBakery: from n/a before 5.8.1.1...
CVE-2023-32238 WordPress TheGem theme < 5.8.1.1 - Broken Access Control vulnerability
Vulnerability in CodexThemes TheGem Elementor, CodexThemes TheGem WPBakery.This issue affects TheGem Elementor: from n/a before 5.8.1.1; TheGem WPBakery: from n/a before 5.8.1.1...
PT-2025-53808
Name of the Vulnerable Software and Affected Versions CodexThemes TheGem Elementor versions prior to 5.8.1.1 CodexThemes TheGem WPBakery versions prior to 5.8.1.1 Description A security issue exists in CodexThemes TheGem with both the Elementor and WPBakery page builder integrations. The...
CVE-2025-68532
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in modeltheme ModelTheme Addons for WPBakery and Elementor modeltheme-addons-for-wpbakery allows Stored XSS.This issue affects ModelTheme Addons for WPBakery and Elementor: from n/a through 1.5.6...
EUVD-2025-205191
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in modeltheme ModelTheme Addons for WPBakery and Elementor modeltheme-addons-for-wpbakery allows Stored XSS.This issue affects ModelTheme Addons for WPBakery and Elementor: from n/a through 1.5.6...
CVE-2025-68532
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in modeltheme ModelTheme Addons for WPBakery and Elementor modeltheme-addons-for-wpbakery allows Stored XSS.This issue affects ModelTheme Addons for WPBakery and Elementor: from n/a through 1.5.6...
CVE-2025-68574 WordPress WPBakery Visual Composer WHMCS Elements plugin <= 1.0.4.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in voidcoders WPBakery Visual Composer WHMCS Elements void-visual-whmcs-element allows DOM-Based XSS.This issue affects WPBakery Visual Composer WHMCS Elements: from n/a through = 1.0.4.3...
CVE-2025-68532
CVE-2025-68532 relates to a Stored Cross-Site Scripting vulnerability in ModelTheme Addons for WPBakery and Elementor (modeltheme-addons-for-wpbakery). The issue arises from improper input neutralization during web page generation, allowing stored script execution via the affected plugin. Affecte...
CVE-2025-68532 WordPress ModelTheme Addons for WPBakery and Elementor plugin < 1.5.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in modeltheme ModelTheme Addons for WPBakery and Elementor modeltheme-addons-for-wpbakery allows Stored XSS.This issue affects ModelTheme Addons for WPBakery and Elementor: from n/a through 1.5.6...
WordPress plugin ModelTheme Addons for WPBakery and Elementor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
PT-2025-53096
Name of the Vulnerable Software and Affected Versions ModelTheme Addons for WPBakery and Elementor versions prior to 1.5.6 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Cross-site Scripting issue. This could...
EUVD-2025-204650
The WC Builder – WooCommerce Page Builder for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'headingcolor' parameter and multiple other styling parameters of the wpbforwpbakeryproductadditionalinformation shortcode in all versions up to, and including, 1.2.0 d...
CVE-2025-14054 WC Builder <= 1.2.0 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via 'heading_color' Shortcode Attribute
The WC Builder – WooCommerce Page Builder for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'headingcolor' parameter and multiple other styling parameters of the wpbforwpbakeryproductadditionalinformation shortcode in all versions up to, and including, 1.2.0 d...
CVE-2025-66165
Missing Authorization vulnerability in merkulove Lottier for WPBakery lottier-wpbakery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lottier for WPBakery: from n/a through = 1.1.7...