CVE-2025-55709
- EPSS 0.16%
- Veröffentlicht 14.08.2025 18:21:31
- Zuletzt bearbeitet 23.04.2026 15:32:56
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder visualcomposer allows Stored XSS.This issue affects Visual Composer Website Builder: from n/a throug...
CVE-2025-48276
- EPSS 0.23%
- Veröffentlicht 19.05.2025 14:45:25
- Zuletzt bearbeitet 23.04.2026 15:31:00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder visualcomposer allows Stored XSS.This issue affects Visual Composer Website Builder: from n/a throug...
CVE-2025-46254
- EPSS 0.18%
- Veröffentlicht 22.04.2025 09:53:35
- Zuletzt bearbeitet 23.04.2026 15:29:57
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder visualcomposer allows Stored XSS.This issue affects Visual Composer Website Builder: from n/a throug...
CVE-2024-35653
- EPSS 0.28%
- Veröffentlicht 04.06.2024 15:15:46
- Zuletzt bearbeitet 23.04.2026 15:18:29
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder visualcomposer.This issue affects Visual Composer Website Builder: from n/a through <= 45.8.0.
CVE-2024-27997
- EPSS 0.35%
- Veröffentlicht 19.03.2024 17:15:10
- Zuletzt bearbeitet 23.04.2026 15:18:06
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder visualcomposer.This issue affects Visual Composer Website Builder: from n/a through <= 45.6.0.
CVE-2023-6880
- EPSS 0.42%
- Veröffentlicht 13.03.2024 16:15:09
- Zuletzt bearbeitet 08.04.2026 18:18:44
The Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom fields in all versions up to, and includin...
CVE-2020-36722
- EPSS 0.73%
- Veröffentlicht 07.06.2023 02:15:12
- Zuletzt bearbeitet 08.04.2026 19:17:34
The Visual Composer plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 26.0 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts tha...
CVE-2022-2516
- EPSS 0.49%
- Veröffentlicht 06.09.2022 18:15:14
- Zuletzt bearbeitet 21.11.2024 07:01:09
The Visual Composer Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post/page 'Title' value in versions up to, and including, 45.0 due to insufficient input sanitization and output escaping. This makes it pos...
CVE-2022-2430
- EPSS 0.49%
- Veröffentlicht 06.09.2022 18:15:13
- Zuletzt bearbeitet 21.11.2024 07:00:58
The Visual Composer Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Text Block' feature in versions up to, and including, 45.0 due to insufficient input sanitization and output escaping. This makes it possib...