VYPR

Betterdocs

by WordPress

Source repositories

CVEs (10)

  • CVE-2024-30226CriMar 28, 2024
    risk 0.59cvss 9.0epss 0.01

    Deserialization of Untrusted Data vulnerability in WPDeveloper BetterDocs.This issue affects BetterDocs: from n/a through 3.3.3.

  • CVE-2026-4348HigMay 7, 2026
    risk 0.49cvss 7.5epss 0.00

    The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the `get_current_letter_docs` and `docs_sort_by_letter` AJAX actions in all versions up to, and including, 3.7.0. This is due to the `limit` POST parameter being interpolated directly into a SQL query…

  • CVE-2026-3875MedApr 16, 2026
    risk 0.42cvss 6.4epss 0.00

    The BetterDocs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'betterdocs_feedback_form' shortcode in all versions up to, and including, 4.3.8. This is due to insufficient input sanitization and output escaping on user supplied shortcode attributes.…

  • CVE-2025-14980MedJan 9, 2026
    risk 0.42cvss 6.5epss 0.00

    The BetterDocs plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.3 via the scripts() function. This makes it possible for authenticated attackers, with contributor-level access and above, to extract sensitive data…

  • CVE-2024-2845MedApr 9, 2024
    risk 0.42cvss 6.4epss 0.00

    The BetterDocs – Best Documentation, FAQ & Knowledge Base Plugin with AI Support & Instant Answer For Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 3.4.2 due to…

  • CVE-2026-42644MedApr 29, 2026
    risk 0.34cvss 5.3epss 0.00

    Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper BetterDocs betterdocs allows Retrieve Embedded Sensitive Data.This issue affects BetterDocs: from n/a through <= 4.3.10.

  • CVE-2026-6393MedApr 24, 2026
    risk 0.28cvss 4.3epss 0.00

    The BetterDocs plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 4.3.11. This is due to a missing capability check in the generate_openai_content_callback() function, which relies solely on a nonce rather than verifying user permissions.…

  • CVE-2025-7499MedAug 16, 2025
    risk 0.27cvss 5.3epss 0.00

    The BetterDocs – Advanced AI-Driven Documentation, FAQ & Knowledge Base Tool for Elementor & Gutenberg with Encyclopedia, AI Support, Instant Answers plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_response…

  • CVE-2026-7515Jun 19, 2026
    risk 0.00cvss epss 0.01

    The BetterDocs Pro plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 3.8.0 via the `doc_style` parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the server, allowing the…

  • CVE-2026-12157Jun 19, 2026
    risk 0.00cvss epss 0.00

    The BetterDocs - Knowledge Base Docs & FAQ Solution for Elementor & Block Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blockId attribute of the betterdocs/category-slate-layout Gutenberg block in versions up to, and including, 4.5.3. This is…