Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
themeum wp page builder vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-24208
The editor of the WP Page Builder WordPress plugin prior to 1.2.4 allows lower-privileged users to insert unfiltered HTML, including JavaScript, into pages via the “Raw HTML” widget and the “Custom HTML” widgets (though the custom HTML widget requires send...
Themeum Wp Page Builder
4.3
CVSSv3
CVE-2021-24207
By default, the WP Page Builder WordPress plugin prior to 1.2.4 allows subscriber-level users to edit and make changes to any and all posts pages - user roles must be specifically blocked from editing posts and pages.
Themeum Wp Page Builder
4.8
CVSSv3
CVE-2022-3830
The WP Page Builder WordPress plugin up to and including 1.2.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for exampl...
Themeum Wp Page Builder
5.4
CVSSv3
CVE-2022-40963
Multiple Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerabilities in WP Page Builder plugin <= 1.2.6 on WordPress.
Themeum Wp Page Builder
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started