| CVE-2023-32798 | WordPress Simple Page Ordering plugin <= 2.5.0 - Broken Access Control vulnerability | 10up | Simple Page Ordering | Medium | 5.3 | 2024-12-13 14:23:28 | Deep Dive |
| CVE-2022-47429 | WordPress Coming Soon Landing Page and Maintenance Mode WordPress Plugin plugin <= 2.2.0 - Broken Access Control | 8Degree Themes | Coming Soon Landing Page and Maintenance Mode WordPress Plugin | Medium | 5.3 | 2024-12-13 14:23:16 | Deep Dive |
| CVE-2024-11832 | Beaver Builder – WordPress Page Builder <= 2.8.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | beaverbuilder | Beaver Builder Page Builder – Drag and Drop Website Builder | Medium | 6.4 | 2024-12-13 08:24:48 | Deep Dive |
| CVE-2024-12581 | Kadence Blocks <= 3.2.53 - Authenticated (Admin+) Stored Cross-Site Scripting | stellarwp | Kadence Blocks — Page Builder Toolkit for Gutenberg Editor | Medium | 4.4 | 2024-12-13 05:24:49 | Deep Dive |
| CVE-2024-11181 | Greenshift – animation and page builder blocks <= 9.9.9.3 - Authenticated (Contributor+) Post Disclosure | wpsoul | Greenshift – animation and page builder blocks | Medium | 4.3 | 2024-12-12 06:46:33 | Deep Dive |
| CVE-2024-11914 | Gutenberg Blocks and Page Layouts – Attire Blocks <= 1.9.5 - Authenticated (Contributor+) Stored Cross-Site Scripting | shafayat-alam | Gutenberg Blocks and Page Layouts – Attire Blocks | Medium | 6.4 | 2024-12-12 03:23:07 | Deep Dive |
| CVE-2023-48750 | WordPress Void Elementor Post Grid Addon for Elementor Page builder plugin <= 2.1.10 - Broken Access Control vulnerability | voidthemes | Void Elementor Post Grid Addon for Elementor Page builder | 中危 | - | 2024-12-09 11:30:27 | Deep Dive |
| CVE-2024-53801 | WordPress Bold Page Builder plugin <= 5.2.1 - Cross Site Scripting (XSS) vulnerability | boldthemes | Bold Page Builder | Medium | 6.5 | 2024-12-06 13:07:34 | Deep Dive |
| CVE-2024-53823 | WordPress The Plus Addons for Elementor plugin <= 5.6.14 - Cross Site Scripting (XSS) vulnerability | POSIMYTH | The Plus Addons for Elementor Page Builder Lite | Medium | 6.5 | 2024-12-06 13:07:31 | Deep Dive |
| CVE-2024-10689 | XLTab – Accordions and Tabs for Elementor Page Builder <= 1.4 - Authenticated (Contributor+) Post Disclosure | webangon | XLTab – Accordions and Tabs for Elementor Page Builder | Medium | 4.3 | 2024-12-06 08:24:59 | Deep Dive |
| CVE-2024-10178 | Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor <= 3.3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget | gutentor | Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor | Medium | 6.4 | 2024-12-05 04:23:53 | Deep Dive |
| CVE-2024-8962 | WPBITS Addons For Elementor Page Builder <= 1.5.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | wpbits | WPBITS Addons For Elementor Page Builder | Medium | 6.4 | 2024-12-04 11:08:27 | Deep Dive |
| CVE-2024-5020 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library | extendthemes | Colibri Page Builder | Medium | 6.4 | 2024-12-04 08:22:47 | Deep Dive |
| CVE-2024-11952 | Classic Addons – WPBakery Page Builder <= 3.0 - Authenticated (Contributor+) Limited Local PHP File Inclusion | webcodingplace | Classic Addons – WPBakery Page Builder | High | 7.5 | 2024-12-04 08:22:46 | Deep Dive |
| CVE-2024-53738 | WordPress Asset CleanUp: Page Speed Booster plugin <=1.3.9.8 - Server Side Request Forgery (SSRF) vulnerability | Gabe Livan | Asset CleanUp: Page Speed Booster | Medium | 4.4 | 2024-11-30 20:48:33 | Deep Dive |
| CVE-2024-11366 | SEO Landing Page Generator <= 1.66.2 - Reflected Cross-Site Scripting | intellasoftsolutions | SEO Landing Page Generator | Medium | 6.1 | 2024-11-28 08:47:33 | Deep Dive |
| CVE-2024-10175 | Pricing Tables For WPBakery Page Builder (formerly Visual Composer) <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via wdo_pricing_tables Shortcode | labibahmed42 | Pricing Tables For WPBakery Page Builder (formerly Visual Composer) | Medium | 6.4 | 2024-11-27 06:41:29 | Deep Dive |
| CVE-2024-11219 | Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE <= 3.0.6 - Unauthetnicated Path Traversal to Arbitrary Image View | themeisle | Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE | Medium | 5.3 | 2024-11-27 05:31:55 | Deep Dive |
| CVE-2024-8236 | Elementor Website Builder – More than Just a Page Builder <= 3.25.7 - Authenticated (Contributor+) Stored Cross-Site Scripting | elemntor | Elementor Website Builder – more than just a page builder | Medium | 6.4 | 2024-11-26 13:56:55 | Deep Dive |
| CVE-2024-9371 | Branda – White Label & Branding, Custom Login Page Customizer <= 3.4.19 - Reflected Cross-Site Scripting | wpmudev | Branda – White Label & Branding, Free Login Page Customizer | Medium | 6.1 | 2024-11-21 04:24:27 | Deep Dive |