Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 799 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-2951 Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor <= 3.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gutentor Block HTML gutentorGutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor Medium 5.4 2026-04-23 02:25:21 Deep Dive
CVE-2026-6703 Responsive Blocks <= 2.2.1 - Missing Authorization to Authenticated (Contributor+) Arbitrary Modification via AJAX Actions cyberchimpsResponsive Blocks – Page Builder for Blocks & Patterns Medium 4.3 2026-04-21 06:43:59 Deep Dive
CVE-2026-6675 Responsive Blocks <= 2.2.0 - Unauthenticated Open Email Relay via REST API 'email_to' Parameter cyberchimpsResponsive Blocks – Page Builder for Blocks & Patterns Medium 5.3 2026-04-21 02:25:40 Deep Dive
CVE-2026-4801 Page Builder Gutenberg Blocks <= 3.1.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via External iCal Feed Data godaddyPage Builder Gutenberg Blocks – CoBlocks Medium 6.4 2026-04-18 03:37:04 Deep Dive
CVE-2026-5427 Kubio AI Page Builder <= 2.7.2 - Missing Authorization to Authenticated (Contributor+) Limited File Upload via Kubio Block Attributes extendthemesKubio AI Page Builder Medium 5.3 2026-04-17 03:36:45 Deep Dive
CVE-2026-4895 Greenshift <= 12.8.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via disablelazy Attribute wpsoulGreenshift – animation and page builder blocks Medium 6.4 2026-04-11 01:24:59 Deep Dive
CVE-2026-3498 BlockArt Blocks <= 2.2.15 - Authenticated (Author+) Stored Cross-Site Scripting via 'clientId' Block Attribute wpblockartBlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library Medium 6.4 2026-04-11 01:24:59 Deep Dive
CVE-2026-2712 WP-Optimize <= 4.5.0 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update and Image Manipulation davidandersonWP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance Medium 5.4 2026-04-10 01:24:58 Deep Dive
CVE-2026-2509 Page Builder: Pagelayer <= 2.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Widget Custom Attributes softaculousPage Builder: Pagelayer – Drag and Drop website builder Medium 6.4 2026-04-08 13:26:00 Deep Dive
CVE-2026-2481 Beaver Builder Page Builder – Drag and Drop Website Builder <= 2.10.1.1 - Authenticated (Author+) Stored Cross-Site Scripting via 'settings[js]' beaverbuilderBeaver Builder Page Builder – Drag and Drop Website Builder Medium 6.4 2026-04-08 11:16:58 Deep Dive
CVE-2026-39703 WordPress WPBITS Addons For Elementor Page Builder plugin <= 1.8.1 - Cross Site Scripting (XSS) vulnerability wpbitsWPBITS Addons For Elementor Page Builder--2026-04-08 08:30:47 Deep Dive
CVE-2026-39464 WordPress Coming Soon Page, Under Construction & Maintenance Mode by SeedProd plugin <= 6.19.8 - Server Side Request Forgery (SSRF) vulnerability SeedProdComing Soon Page, Under Construction & Maintenance Mode by SeedProd--2026-04-08 08:30:06 Deep Dive
CVE-2026-3480 WP Blockade <= 0.9.14 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Shortcode Execution via 'shortcode' Parameter burlingtonbytesWP Blockade – Visual Page Builder Medium 6.5 2026-04-08 06:43:39 Deep Dive
CVE-2026-3311 The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce <= 6.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Progress Bar posimyththemesThe Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce Medium 6.4 2026-04-08 05:29:00 Deep Dive
CVE-2025-14732 Elementor Website Builder <= 3.35.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via REST API elemntorElementor Website Builder – more than just a page builder Medium 6.4 2026-04-08 01:24:43 Deep Dive
CVE-2026-2826 Kadence Blocks — Page Builder Toolkit for Gutenberg Editor <= 3.6.3 - Missing Authorization to Authenticated (Contributor+) Media Upload stellarwpKadence Blocks — Page Builder Toolkit for Gutenberg Editor Medium 4.3 2026-04-04 08:25:20 Deep Dive
CVE-2026-34889 WordPress Ultimate Addons for WPBakery Page Builder plugin < 3.21.4 - Cross Site Scripting (XSS) vulnerability Brainstorm ForceUltimate Addons for WPBakery Page Builder Medium 6.5 2026-04-01 08:51:32 Deep Dive
CVE-2026-34887 WordPress Kubio AI Page Builder plugin <= 2.7.0 - Cross Site Scripting (XSS) vulnerability Extend ThemesKubio AI Page Builder Medium 6.5 2026-03-31 10:19:46 Deep Dive
CVE-2026-2442 Pagelayer <= 2.0.7 - Improper Neutralization of CRLF Sequences to Unauthenticated Email Header Injection via 'email' softaculousPage Builder: Pagelayer – Drag and Drop website builder Medium 5.3 2026-03-28 09:27:10 Deep Dive
CVE-2026-4907 Page-Replica Page Replica Endpoint sitemap sitemap.fetch server-side request forgery Page-ReplicaPage Replica Medium 6.3 2026-03-27 01:33:14 Deep Dive