CVE-2024-1805 | WPBakery Visual Composer Plugin up to 7.5 on WordPress Button onclick Attribute cross site scripting

Posted by Angelo Barbosa | Apr 11, 2024 | CVE

A vulnerability was found in WPBakery Visual Composer Plugin up to 7.5 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Button onclick Attribute Handler. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2024-1805. The attack can be launched remotely. There is no exploit available.

CVE-2024-1805 | WPBakery Visual Composer Plugin up to 7.5 on WordPress Button onclick Attribute cross site scripting

Related Posts

CVE-2024-0842 | FreeDomain Backuply Plugin up to 1.2.5 on WordPress denial of service

CVE-2024-20807 | Samsung Mobile Email prior 6.1.90.16 Intent information disclosure

CVE-2024-5559 | Schneider Electric PowerLogic P5 up to 01.500.104 Reset Token risky encryption (SEVD-2024-163-02)

CVE-2024-28442 | Yealink VP59 91.15.0.118 Company Portal path traversal