Vulnerability Name: Shopbuilder Templates Builder and create a new page.
2. Set the template type to "Shop", editor type to "Elementor", and set as "Active Template".
3. Choose "Theme Default Template" and save.
4. Create another page with type "Category Archive", using the same editor and template settings.
5. Once these templates are active, visit: `https://example.com/product-category/uncategorized/?orderby=a%27onclick%3d%27alert(1)%27`

Affected Plugins:
- shopbuilder (fixed in 3.2.2)

Classification:
- Type: XSS
- OWASP top 10: A7: Cross-Site Scripting (XSS)
- CWE: CWE-79
- CVSS: 7.1 (high)

Miscellaneous:
- Original Researcher: Gregory Allegoet
- Submitter: Gregory Allegoet
- Submitter website: https://yiikergiiker.github.io/
- Verified: Yes
- WPVDB ID: 5872ece6-52cb-4306-b7ee-41282815a243

Timeline:
- Publicly Published: 2025-12-12 (about 22 days ago)
- Added: 2025-12-12 (about 21 days ago)
- Last Updated: 2025-12-12 (about 21 days ago)

Other References:
- 2023-01-20 Media Library Categories < 2.0.0 - Admin+ Stored XSS
- 2023-05-18 Baidu Tongji generator <= 1.0.2 - Admin+ Stored XSS
- 2024-04-17 Element Pack Elementor Addons < 5.6.1 - Contributor+ Stored XSS via Price List Widget
- 2025-09-26 aThemes Addons for Elementor < 1.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
- 2024-06-28 PixelYourSite – Your smart PIXEL (TAG) Manager < 9.6.2 - Authenticated (Administrator+) Stored Cross-Site Scripting