WPBakery Page Builder

CVEs (6)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2026-45436	WordPress WPBakery Page Builder	—	—	Jun 17, 2026	Subscriber Broken Access Control in WPBakery Page Builder <= 8.7.2 versions.
CVE-2025-7502	Wpbakery WPBakery Page Builder for WordPress	—	0.00	Aug 6, 2025	The WPBakery Page Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several shortcodes in all versions up to, and including, 8.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it…
CVE-2025-4968	Wpbakery WPBakery Page Builder for WordPress	—	0.00	Jul 24, 2025	The WPBakery Page Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple Page Builder elements (Copyright Element, Hover Box, Separator With Text, FAQ, Single Image, Custom Header, Button, Call To Action, Progress Bar, Pie Chart,…
CVE-2025-4965	Wpbakery WPBakery Page Builder for WordPress	—	0.00	Jun 19, 2025	The WPBakery Page Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Grid Builder feature in all versions up to, and including, 8.4.1 due to insufficient input sanitization and output escaping on user supplied attributes.…
CVE-2024-13591	WordPress WPBakery Page Builder	—	0.00	Feb 19, 2025	The Team Builder For WPBakery Page Builder(Formerly Visual Composer) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'team-builder-vc' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output…
CVE-2023-31213	WordPress WPBakery Page Builder	—	0.00	Jun 22, 2023	Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WPBakery Page Builder plugin <= 6.13.0 versions.

CVE-2026-45436Jun 17, 2026
WordPress
WPBakery Page Builder
risk 0.00cvss —epss —
Subscriber Broken Access Control in WPBakery Page Builder <= 8.7.2 versions.
CVE-2025-7502Aug 6, 2025
Wpbakery
WPBakery Page Builder for WordPress
risk 0.00cvss —epss 0.00
The WPBakery Page Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several shortcodes in all versions up to, and including, 8.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it…
CVE-2025-4968Jul 24, 2025
Wpbakery
WPBakery Page Builder for WordPress
risk 0.00cvss —epss 0.00
The WPBakery Page Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple Page Builder elements (Copyright Element, Hover Box, Separator With Text, FAQ, Single Image, Custom Header, Button, Call To Action, Progress Bar, Pie Chart,…
CVE-2025-4965Jun 19, 2025
Wpbakery
WPBakery Page Builder for WordPress
risk 0.00cvss —epss 0.00
The WPBakery Page Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Grid Builder feature in all versions up to, and including, 8.4.1 due to insufficient input sanitization and output escaping on user supplied attributes.…
CVE-2024-13591Feb 19, 2025
WordPress
WPBakery Page Builder
risk 0.00cvss —epss 0.00
The Team Builder For WPBakery Page Builder(Formerly Visual Composer) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'team-builder-vc' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output…
CVE-2023-31213Jun 22, 2023
WordPress
WPBakery Page Builder
risk 0.00cvss —epss 0.00
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WPBakery Page Builder plugin <= 6.13.0 versions.