| CVE-2024-8325 | Gutenberg Page Builder Blocks & Ready-Made Patterns Library <= 3.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | blockspare | BlockSpare — News, Magazine and Blog Addons for (Gutenberg) Block Editor | Medium | 6.4 | 2024-09-04 05:31:00 | Deep Dive |
| CVE-2024-43946 | WordPress SKT Blocks plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability | SKT Themes | SKT Blocks – Gutenberg based Page Builder | Medium | 6.5 | 2024-08-29 18:03:13 | Deep Dive |
| CVE-2024-43953 | WordPress Classic Addons – WPBakery Page Builder plugin <= 3.5 - Cross Site Scripting (XSS) vulnerability | webcodingplace | Classic Addons – WPBakery Page Builder | Medium | 6.5 | 2024-08-29 17:53:37 | Deep Dive |
| CVE-2024-43960 | WordPress Web and WooCommerce Addons for WPBakery Builder plugin <= 1.4.6 - Cross Site Scripting (XSS) vulnerability | Page Builder Addons | Web and WooCommerce Addons for WPBakery Builder | Medium | 5.9 | 2024-08-29 17:47:34 | Deep Dive |
| CVE-2024-7895 | Beaver Builder (Lite Version) <= 2.8.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via type Parameter | beaverbuilder | Beaver Builder Page Builder – Drag and Drop Website Builder | Medium | 6.4 | 2024-08-29 10:59:42 | Deep Dive |
| CVE-2024-7132 | CoBlocks < 3.1.13 - Editor+ Stored XSS | Unknown | Page Builder Gutenberg Blocks | - | - | 2024-08-29 06:00:03 | Deep Dive |
| CVE-2024-5583 | The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonials Widget Settings | posimyththemes | The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce | Medium | 6.4 | 2024-08-22 02:02:04 | Deep Dive |
| CVE-2024-5763 | The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Widget | posimyththemes | The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce | Medium | 6.4 | 2024-08-20 03:21:10 | Deep Dive |
| CVE-2024-6575 | The Plus Addons for Elementor <= 5.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via TP Page Scroll Widget | posimyththemes | The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce | Medium | 6.4 | 2024-08-20 03:21:10 | Deep Dive |
| CVE-2024-43345 | WordPress Landing Page Builder plugin <= 1.5.2.0 - Local File Inclusion vulnerability | PluginOps | Landing Page Builder | High | 7.5 | 2024-08-19 19:28:12 | Deep Dive |
| CVE-2024-43281 | WordPress Void Elementor Post Grid Addon for Elementor Page builder plugin <= 2.3 - Local File Inclusion vulnerability | VOID CODERS | Void Elementor Post Grid Addon for Elementor Page builder | Medium | 5.3 | 2024-08-19 17:47:19 | Deep Dive |
| CVE-2024-43291 | WordPress Void Contact Form 7 Widget For Elementor Page Builder plugin <= 2.4.1 - Cross Site Scripting (XSS) vulnerability | voidCoders | Void Contact Form 7 Widget For Elementor Page Builder | Medium | 5.9 | 2024-08-18 21:13:32 | Deep Dive |
| CVE-2024-43308 | WordPress Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor plugin <= 3.3.5 - Cross Site Scripting (XSS) vulnerability | Gutentor | Gutentor - Gutenberg Blocks - Page Builder for Gutenberg Editor | Medium | 6.5 | 2024-08-18 14:19:06 | Deep Dive |
| CVE-2024-43320 | WordPress WPBakery Page Builder Addons plugin <= 3.9 - Cross Site Scripting (XSS) vulnerability | Livemesh | Livemesh Addons for WPBakery Page Builder | Medium | 6.5 | 2024-08-18 14:15:03 | Deep Dive |
| CVE-2023-4730 | LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… <= 4.3 - Missing Authorization via init_endpoint | binhnguyenplus | LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… | Medium | 5.3 | 2024-08-17 07:34:23 | Deep Dive |
| CVE-2024-7588 | Gutenberg Blocks, Page Builder – ComboBlocks <= 2.2.87 - Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion Block | pickplugins | Post Grid | Medium | 6.4 | 2024-08-14 04:29:55 | Deep Dive |
| CVE-2024-6254 | Brizy – Page Builder <= 2.5.1 - Cross-Site Request Forgery | themefusecom | Brizy – Page Builder | Medium | 4.3 | 2024-08-08 03:30:45 | Deep Dive |
| CVE-2024-6315 | Blox Page Builder <= 1.0.65 - Authenticated (Contributor+) Arbitrary File Upload | unitecms | Blox Page Builder | High | 8.8 | 2024-08-06 01:49:58 | Deep Dive |
| CVE-2024-39661 | WordPress Kubio AI Page Builder plugin <= 2.2.4 - Authenticated Cross Site Scripting (XSS) vulnerability | ExtendThemes | Kubio AI Page Builder | Medium | 6.5 | 2024-08-01 21:41:30 | Deep Dive |
| CVE-2024-2455 | Element Pack - Addon for Elementor Page Builder WordPress Plugin <= 7.9.0 - Authenticated(Contributor+) Stored Cross-Site Scripting via Wrapper Link URL | BDThemes | Element Pack Pro - Addon for Elementor Page Builder WordPress Plugin | Medium | 6.4 | 2024-08-01 12:43:27 | Deep Dive |