cleantalk
Vulnerabilities and Security Researches

Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages, CVE-2025-55709

CVE, Research URL

CVE-2025-55709

Home page URL

Security reports for Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages

Application

Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages

Published on
Aug 15, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder allows Stored XSS. This issue affects Visual Composer Website Builder: from n/a through n/a.
Affected versions
Min -, max 45.15.0.
Status
vulnerable
Previous vulnerability researches
Database for Contact Form 7, WPforms, Elementor forms (CVE-2021-25080) , Jun 07, 2024
Database for Contact Form 7, WPforms, Elementor forms (CVE-2021-25079) , Jun 07, 2024
Database for Contact Form 7, WPforms, Elementor forms (CVE-2022-3604) , Jun 07, 2024
Database for Contact Form 7, WPforms, Elementor forms (CVE-2023-31212) , Jun 07, 2024
Database for Contact Form 7, WPforms, Elementor forms (CVE-2023-33311) , Jun 07, 2024
New vulnerability
Inspectlet – User Session Recording and Heatmaps (CVE-2025-49048) , Aug 16, 2025
B Slider – Slider for your block editor (CVE-2025-8676) , Aug 16, 2025
B Slider – Slider for your block editor (CVE-2025-8680) , Aug 16, 2025
Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress (CVE-2025-55708) , Aug 16, 2025
WP Voting (CVE-2025-49057) , Aug 16, 2025