Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WPBakery — Vulnerabilities & Security Advisories 15

Browse all 15 CVE security advisories affecting WPBakery. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by WPBakery:WPBakery Page BuilderTemplatera
CVE IDTitleCVSSSeverityPublished
CVE-2025-10006 WPBakery Page Builder <= 8.6 - Authenticated (Contributor+) Stored Cross-Site Scripting — WPBakery Page BuilderCWE-79 6.4 Medium2025-10-18
CVE-2025-11160 WPBakery Page Builder <= 8.6.1 - Stored Cross-Site Scripting via Custom JS Module — WPBakery Page BuilderCWE-80 6.4 Medium2025-10-15
CVE-2025-11161 WPBakery Page Builder <= 8.6.1 - Stored Cross-Site Scripting via vc_custom_heading Shortcode — WPBakery Page BuilderCWE-80 6.4 Medium2025-10-15
CVE-2025-54747 WordPress Templatera Plugin <= 2.3.0 - Cross Site Scripting (XSS) Vulnerability — TemplateraCWE-79 6.5 Medium2025-08-14
CVE-2025-7502 WPBakery Page Builder for WordPress <= 8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting — WPBakery Page BuilderCWE-79 6.4 Medium2025-08-06
CVE-2025-4968 WPBakery Page Builder <= 8.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Page Builder Elements — WPBakery Page BuilderCWE-79 6.4 Medium2025-07-24
CVE-2025-4965 WPBakery Page Builder <= 8.4.1 - Authenticated (Author+) Stored Cross-Site Scripting via Grid Builder — WPBakery Page BuilderCWE-79 6.4 Medium2025-06-19
CVE-2024-5708 WPBakery <= 7.7 - Authenticated (Author+) Stored Cross-Site Scripting — WPBakery Page BuilderCWE-79 6.4 Medium2024-08-06
CVE-2024-5709 WPBakery <= 7.7 - Authenticated (Author+) Local File Inclusion — WPBakery Page BuilderCWE-22 8.8 High2024-08-06
CVE-2024-5265 WPBakery Page Builder <= 7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via VC Single Image link attribute — WPBakery Page BuilderCWE-79 6.4 Medium2024-06-13
CVE-2024-1840 WPBakery Visual Composer <= 7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Author — WPBakery Page BuilderCWE-79 6.4 Medium2024-05-02
CVE-2024-1805 WPBakery Visual Composer <= 7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button onclick attribute — WPBakery Page BuilderCWE-79 6.4 Medium2024-05-02
CVE-2024-1842 WPBakery Visual Composer <= 7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Heading tag attribute — WPBakery Page BuilderCWE-79 6.4 Medium2024-05-02
CVE-2024-1841 WPBakery Visual Composer <= 7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title tag attribute — WPBakery Page BuilderCWE-79 6.4 Medium2024-05-02
CVE-2023-31213 WordPress WPBakery Page Builder Plugin < 6.13.0 is vulnerable to Cross Site Scripting (XSS) — WPBakery Page BuilderCWE-79 6.5 Medium2023-06-22

This page lists every published CVE security advisory associated with WPBakery. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.