CVE-2026-2448 | gpriday Page Builder by SiteOrigin Plugin up to 2.33.5 on WordPress locate_template file inclusion

Inserito da Angelo Barbosa | Mar 2, 2026 | CVE

A vulnerability has been found in gpriday Page Builder by SiteOrigin Plugin up to 2.33.5 on WordPress and classified as critical. Affected by this issue is the function locate_template. Performing a manipulation results in file inclusion.

This vulnerability was named CVE-2026-2448. The attack may be initiated remotely. There is no available exploit.

CVE-2026-2448 | gpriday Page Builder by SiteOrigin Plugin up to 2.33.5 on WordPress locate_template file inclusion

Post correlati

CVE-2023-38317 | OpenNDS up to 10.1.2 Configuration File os command injection

CVE-2025-9992 | Ghost Kit Plugin up to 3.4.3 on WordPress cross site scripting

CVE-2025-10968 | GG Soft Software Services PaperWork prior 6.1.0.9398 sql injection

CVE-2025-11014 | OGRECave Ogre up to 14.4.1 Image OgreSTBICodec.cpp STBIImageCodec::encode heap-based overflow (Issue 3445)