cbcvebase.

Webcodingplace Classic Addons Wpbakery Page Builder vulnerabilities

3 known vulnerabilities affecting webcodingplace/classic_addons_wpbakery_page_builder.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2024-11952P3HIGHCVSS 7.5≤ 3.02024-12-04
CVE-2024-11952 [HIGH] CWE-22 CVE-2024-11952: The Classic Addons – WPBakery Page Builder plugin for WordPress is vulnerable to Limited Local PHP F The Classic Addons – WPBakery Page Builder plugin for WordPress is vulnerable to Limited Local PHP File Inclusion in all versions up to, and including, 3.0 via the 'style' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, and permissions granted by an Administrator, to include and execute arbitrary
nvd
CVE-2024-56286P3HIGHCVSS 7.5≤ 3.02025-01-07
CVE-2024-56286 [HIGH] CWE-22 CVE-2024-56286: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in webc Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in webcodingplace Classic Addons – WPBakery Page Builder classic-addons-wpbakery-page-builder-addons allows PHP Local File Inclusion.This issue affects Classic Addons – WPBakery Page Builder: from n/a through <= 3.0.
nvd
CVE-2024-43953P4MEDIUMCVSS 5.4≤ 3.52024-08-29
CVE-2024-43953 [MEDIUM] CWE-79 CVE-2024-43953: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webcodingplace Classic Addons – WPBakery Page Builder classic-addons-wpbakery-page-builder-addons allows Stored XSS.This issue affects Classic Addons – WPBakery Page Builder: from n/a through <= 3.5.
nvd