| CVE-2024-30183 | WordPress WPBakery Page Builder Addons by Livemesh plugin <= 3.7 - Cross Site Scripting (XSS) vulnerability | Livemesh | Livemesh Addons for WPBakery Page Builder | Medium | 6.5 | 2024-03-27 11:47:23 | Deep Dive |
| CVE-2024-30179 | WordPress Bold Page Builder plugin <= 4.7.6 - Cross Site Scripting (XSS) vulnerability | BoldThemes | Bold Page Builder | Medium | 6.5 | 2024-03-27 11:25:25 | Deep Dive |
| CVE-2023-52214 | WordPress Void Contact Form 7 Widget For Elementor Page Builder plugin <= 2.3 - Broken Access Control vulnerability | voidCoders | Void Contact Form 7 Widget For Elementor Page Builder | Medium | 4.3 | 2024-03-26 12:37:57 | Deep Dive |
| CVE-2024-30235 | WordPress Multiple Page Generator Plugin – MPG plugin <= 3.4.0 - Broken Access Control vulnerability | Themeisle | Multiple Page Generator Plugin – MPG | Medium | 4.3 | 2024-03-26 12:20:26 | Deep Dive |
| CVE-2024-2888 | WordPress Post and Page Builder by BoldGrid plugin <= 1.26.2 - Cross Site Scripting (XSS) vulnerability | BoldGrid | Post and Page Builder by BoldGrid – Visual Drag and Drop Editor | Medium | 6.5 | 2024-03-26 05:41:02 | Deep Dive |
| CVE-2024-1049 | Page Builder Gutenberg Blocks – CoBlocks <= 3.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting | godaddy | Page Builder Gutenberg Blocks – CoBlocks | Medium | 6.4 | 2024-03-23 03:33:42 | Deep Dive |
| CVE-2024-2202 | Page Builder by SiteOrigin <= 2.29.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Legacy Image Widget | gpriday | Page Builder by SiteOrigin | Medium | 6.4 | 2024-03-23 02:32:55 | Deep Dive |
| CVE-2024-27968 | WordPress Super Page Cache for Cloudflare plugin <= 4.7.5 - Cross Site Request Forgery (CSRF) to XSS vulnerability | Optimole | Super Page Cache for Cloudflare | High | 7.1 | 2024-03-21 16:58:07 | Deep Dive |
| CVE-2024-2129 | WPBITS Addons For Elementor Page Builder <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | wpbits | WPBITS Addons For Elementor Page Builder | Medium | 6.4 | 2024-03-20 06:48:23 | Deep Dive |
| CVE-2024-2255 | Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | wpdevteam | Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns | Medium | 6.4 | 2024-03-20 03:20:33 | Deep Dive |
| CVE-2024-0973 | Widget for Social Page Feeds < 6.4 - Admin+ Stored XSS | Unknown | Widget for Social Page Feeds | 中危 | - | 2024-03-18 19:05:47 | Deep Dive |
| CVE-2024-2079 | WPBakery Page Builder Addons by Livemesh <= 3.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | livemesh | WPBakery Page Builder Addons by Livemesh | Medium | 6.4 | 2024-03-13 21:32:55 | Deep Dive |
| CVE-2024-1291 | Brizy – Page Builder <= 2.4.40 - Authenticated (Contributor+) Stored Cross-Site Scripting | themefusecom | Brizy – Page Builder | Medium | 6.4 | 2024-03-13 15:27:27 | Deep Dive |
| CVE-2024-1793 | AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth By AWeber <= 7.3.14 - Authenticated (Admin+) SQL Injection | aweber | AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth | High | 7.2 | 2024-03-13 15:27:24 | Deep Dive |
| CVE-2024-1038 | Beaver Builder – WordPress Page Builder <= 2.7.4.2 - Reflected (DOM-Based) Cross-Site Scripting | beaverbuilder | Beaver Builder Page Builder – Drag and Drop Website Builder | Medium | 5.4 | 2024-03-13 15:27:20 | Deep Dive |
| CVE-2024-1311 | Brizy – Page Builder <= 2.4.40 - Authenticated (Contributor+) Arbitrary File Upload | themefusecom | Brizy – Page Builder | High | 8.8 | 2024-03-13 15:27:19 | Deep Dive |
| CVE-2024-1080 | Beaver Builder – WordPress Page Builder <= 2.7.4.4 - Authenticated(Contributor+) Stored Cross-Site Scripting via heading tag | beaverbuilder | Beaver Builder Page Builder – Drag and Drop Website Builder | Medium | 6.4 | 2024-03-13 15:27:18 | Deep Dive |
| CVE-2024-1541 | Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.23 - Authenticated (Contributor+) Stored Cross-Site Scripting | stellarwp | Kadence Blocks — Page Builder Toolkit for Gutenberg Editor | Medium | 6.4 | 2024-03-13 15:27:16 | Deep Dive |
| CVE-2024-1074 | Beaver Builder – WordPress Page Builder <= 2.7.4.2 - Authenticated(Contributor+) Stored Cross-Site Scripting via Audio Widget | beaverbuilder | Beaver Builder Page Builder – Drag and Drop Website Builder | Medium | 6.4 | 2024-03-13 15:27:09 | Deep Dive |
| CVE-2024-0681 | Page Restriction WordPress (WP) – Protect WP Pages/Post <= 1.3.4 - Protection Mechanism Bypass | cyberlord92 | Page and Post Restriction | Medium | 5.3 | 2024-03-13 15:27:08 | Deep Dive |