Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

wpbits — Vulnerabilities & Security Advisories 9

Browse all 9 CVE security advisories affecting wpbits. AI-powered Chinese analysis, POCs, and references for each vulnerability.

wpbits is a WordPress plugin primarily used for enhancing website functionality through custom bits of code. Historically, the plugin has been associated with multiple security vulnerabilities, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation issues. These vulnerabilities often stem from insufficient input validation and improper access controls. With nine CVEs recorded, wpbits has demonstrated recurring security weaknesses, particularly in how it handles user-supplied data and manages permissions. The plugin's security track record indicates a pattern of vulnerabilities that could allow attackers to compromise websites, execute malicious code, or gain unauthorized access to sensitive areas.

Top products by wpbits: WPBITS Addons For Elementor Page Builder
CVE IDTitleCVSSSeverityPublished
CVE-2026-39703 WordPress WPBITS Addons For Elementor Page Builder plugin <= 1.8.1 - Cross Site Scripting (XSS) vulnerability — WPBITS Addons For Elementor Page BuilderCWE-79 6.5 Medium2026-04-08
CVE-2025-9082 WPBITS Addons For Elementor <= 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting — WPBITS Addons For Elementor Page BuilderCWE-79 6.4 Medium2026-01-28
CVE-2024-37945 WordPress WPBITS Addons For Elementor plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability — WPBITS Addons For Elementor Page BuilderCWE-79 6.5 Medium2025-08-14
CVE-2024-56285 WordPress WPBITS Addons For Elementor Page Builder plugin <= 1.5.1 - Cross-Site Scripting vulnerability — WPBITS Addons For Elementor Page BuilderCWE-79 6.5 Medium2025-01-07
CVE-2025-22316 WordPress WPBITS Addons For Elementor Page Builder plugin <= 1.5.1 - Cross Site Scripting (XSS) vulnerability — WPBITS Addons For Elementor Page BuilderCWE-79 5.9 Medium2025-01-07
CVE-2024-8962 WPBITS Addons For Elementor Page Builder <= 1.5.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload — WPBITS Addons For Elementor Page BuilderCWE-79 6.4 Medium2024-12-04
CVE-2024-4862 WPBITS Addons For Elementor Page Builder <= 1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets — WPBITS Addons For Elementor Page BuilderCWE-79 6.4 Medium2024-07-09
CVE-2024-32593 WordPress WPBITS Addons For Elementor Page Builder plugin <= 1.3.4.2 - Cross Site Scripting (XSS) vulnerability — WPBITS Addons For Elementor Page BuilderCWE-79 6.5 Medium2024-04-18
CVE-2024-2129 WPBITS Addons For Elementor Page Builder <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — WPBITS Addons For Elementor Page BuilderCWE-79 6.4 Medium2024-03-20

This page lists every published CVE security advisory associated with wpbits. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.