VYPR

Divi Builder

by WordPress

CVEs (2)

  • CVE-2020-35945CriJan 1, 2021
    risk 0.65cvss 9.9epss 0.02

    An issue was discovered in the Divi Builder plugin, Divi theme, and Divi Extra theme before 4.5.3 for WordPress. Authenticated attackers, with contributor-level or above capabilities, can upload arbitrary files, including .php files. This occurs because the check for file…

  • CVE-2024-4490MedMay 14, 2024
    risk 0.42cvss 6.4epss 0.01

    The Elegant Themes Divi theme, Extra theme, and Divi Page Builder plugin for WordPress are vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘title’ parameter in versions up to, and including, 4.25.0 due to insufficient input sanitization and output escaping. This…