Mega Addons For Wpbakery Page Builder

mega_addons_for_wpbakery_page_builder

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-0268 1Topdigitaltrends 1Mega Addons For Wpbakery Page Builder Jun 17, 2026 May 8, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Mega Addons For WPBakery Page Builder WordPress plugin before 4.3.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could a...Show more The Mega Addons For WPBakery Page Builder WordPress plugin before 4.3.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.Show less
CVE-2022-4501 1Topdigitaltrends 1Mega Addons For Wpbakery Page Builder Jun 17, 2026 Dec 14, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 The Mega Addons plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the vc_saving_data function in versions up to, and including, 4.3.0. This makes it possible for authenticate...Show more The Mega Addons plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the vc_saving_data function in versions up to, and including, 4.3.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to update the plugin's settings.Show less
CVE-2022-36798 1Topdigitaltrends 1Mega Addons For Wpbakery Page Builder Jun 17, 2026 Sep 23, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Topdigitaltrends Mega Addons For WPBakery Page Builder plugin <= 4.2.7 at WordPress.