CVE-2025-11161 | WPBakery Page Builder Plugin up to 8.6.1 on WordPress vc_custom_heading font_container cross site scripting

Inserito da Angelo Barbosa | Ott 14, 2025 | CVE

A vulnerability was found in WPBakery Page Builder Plugin up to 8.6.1 on WordPress. It has been classified as problematic. Affected by this vulnerability is the function vc_custom_heading. Performing manipulation of the argument font_container results in cross site scripting.

This vulnerability is known as CVE-2025-11161. Remote exploitation of the attack is possible. No exploit is available.

CVE-2025-11161 | WPBakery Page Builder Plugin up to 8.6.1 on WordPress vc_custom_heading font_container cross site scripting

Post correlati

CVE-2024-22159 | realmag777 WOLF Plugin up to 1.0.8 on WordPress cross site scripting

CVE-2024-8072 | Mage AI Terminal Server Command History information disclosure (jfsa-2024-0010)

CVE-2025-0142 | Zoom Bot Plugin up to 1.5 on Jenkins cleartext storage

CVE-2024-52461 | Kinsta WordPress Hosting Infinite Slider Plugin up to 2.0.1 on WordPress cross site scripting