CVE-2025-11160 | WPBakery Page Builder Plugin up to 8.6.1 on WordPress Custom JS cross site scripting

Full Article URL: https://vuldb.com/?id.328517
Textarea URL (this page): <a href="https://textarea.nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOz9W3z0zRMzayMDU0BwCQQwj5_2025-10-14">https://textarea.nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOz9W3z0zRMzayMDU0BwCQQwj5_2025-10-14
Source: https://vuldb.com/?rss.recent
Vuldb: https://vuldb.com
Publication date: 2025-10-14 20:43:11
Last retrieval: 2025-10-14 22:45:46.740696

20:43 - 14 Oct 2025

vuldb.com

A vulnerability was found in WPBakery Page Builder Plugin up to 8.6.1 on WordPress. It has been declared as problematic. Affected by this issue is some unknown functionality of the component Custom JS Module. Executing manipulation can lead to cross site scripting. This vulnerability is handled as CVE-2025-11160. The attack can be executed remotely. There is not any exploit available.

https://vuldb.com/?id.328517

Article info: