VYPR

Livemesh Addons for WPBakery Page Builder

by WordPress

CVEs (5)

  • CVE-2026-3895MedMay 27, 2026
    risk 0.42cvss 6.4epss 0.00

    The WPBakery Page Builder Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `lvca_admin_ajax` AJAX action in all versions up to, and including, 3.9.4 due to missing authorization checks and insufficient input sanitization. The AJAX…

  • CVE-2026-2030MedMay 27, 2026
    risk 0.42cvss 6.4epss 0.00

    The WPBakery Page Builder Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `[lvca_carousel]` and `[lvca_posts_carousel]` shortcode attributes in all versions up to, and including, 3.9.4 due to insufficient input sanitization and output…

  • CVE-2024-30183MedMar 27, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for WPBakery Page Builder allows Stored XSS.This issue affects Livemesh Addons for WPBakery Page Builder: from n/a through 3.7.

  • CVE-2024-2079MedMar 13, 2024
    risk 0.42cvss 6.4epss 0.00

    The WPBakery Page Builder Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'per_line_mobile' shortcode in all versions up to, and including, 3.8.1 due to insufficient input sanitization and output escaping on user supplied…

  • CVE-2023-50370MedDec 14, 2023
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh WPBakery Page Builder Addons by Livemesh allows Stored XSS.This issue affects WPBakery Page Builder Addons by Livemesh: from n/a through 3.5.