The wpbakery plugin for WordPress has a security issue that allows attackers to inject harmful scripts into web pages. This can happen when someone with contributor access or higher uses the Post Author tag attribute. The plugin’s lack of proper input sanitization and output escaping is what makes this possible.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
