Vulnerabilities > Siteorigin > Page Builder > 2.5.12

DATE CVE VULNERABILITY TITLE RISK
2024-03-23 CVE-2024-2202 Cross-site Scripting vulnerability in Siteorigin Page Builder
The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the legacy Image widget in all versions up to, and including, 2.29.6 due to insufficient input sanitization and output escaping.
network
low complexity
siteorigin CWE-79
5.4
5.4
2020-05-28 CVE-2020-13643 Cross-Site Request Forgery (CSRF) vulnerability in Siteorigin Page Builder
An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress.
network
low complexity
siteorigin CWE-352
8.8
8.8
2020-05-28 CVE-2020-13642 Cross-Site Request Forgery (CSRF) vulnerability in Siteorigin Page Builder
An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress.
network
low complexity
siteorigin CWE-352
8.8
8.8