cleantalk
Vulnerabilities and Security Researches

Mega Addons For WPBakery Page Builder, CVE-2023-0268

CVE, Research URL

CVE-2023-0268

Home page URL

Security reports for Mega Addons For WPBakery Page Builder

Application

Mega Addons For WPBakery Page Builder

Published on
May 08, 2023
Research Description
The Mega Addons For WPBakery Page Builder WordPress plugin before 4.3.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Affected versions
Min -, max 4.3.0.
Status
vulnerable
Previous vulnerability researches
Mega Addons For WPBakery Page Builder (CVE-2022-4501) , Jun 07, 2024
Mega Addons For WPBakery Page Builder (CVE-2023-0268) , Jun 07, 2024
Mega Addons For WPBakery Page Builder (CVE-2022-36798) , Jun 07, 2024
New vulnerability
Featured Image Plus (CVE-2025-4431) , Jun 10, 2025
Products per Page for WooCommerce (CVE-2025-47504) , Jun 10, 2025
Min Max Default Quantity for WooCommerce (CVE-2025-47504) , Jun 09, 2025
The Plus Addons for Elementor (CVE-2025-49076) , Jun 06, 2025
WP Pipes (CVE-2025-48267) , Jun 06, 2025