Medium 5.4
2025-10-18< 8.7
CVE-2025-10006
WPBakery
Minimum safe version
8.7
Update to 8.7 or later to address 18 fixable vulnerabilities
Latest available6.9.0 ✗
Medium 5.4
2025-10-15< 8.7
CVE-2025-11160
Medium 6.4
2025-10-15< 8.7
CVE-2025-11161
Medium 6.4
2025-08-06< 8.6
WPBakery Page Builder for WordPress <= 8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
Medium 6.4
2025-07-24< 8.5
WPBakery Page Builder <= 8.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Page Builder Elements
Medium 6.4
2025-06-19< 8.5
WordPress WPBakery Page Builder Plugin <= 8.4.1 is vulnerable to Cross Site Scripting (XSS)
High 8.8
2024-08-06< 7.8
CVE-2024-5709
Medium 5.4
2024-08-06< 7.8
CVE-2024-5708
Medium 5.4
2024-06-13< 7.7
CVE-2024-5265
Medium 5.4
2024-05-02< 7.6
CVE-2024-1842
Medium 5.4
2024-05-02< 7.6
CVE-2024-1841
Medium 5.4
2024-05-02< 7.6
CVE-2024-1840
Medium 5.4
2024-05-02< 7.6
CVE-2024-1805
Medium 6.5
2023-06-22< 6.13.0
CVE-2023-31213
N/A
< 4.7.4
WPBakery Page Builder < 4.7.4 - Multiple Unspecified Cross-Site Scripting (XSS)
N/A
2015-02-10< 4.7.4
WPBakery Page Builder for WordPress (formerly Visual Composer) <= 4.7.3 - Multiple Cross-Site Scripting Issues
N/A
2015-10-09< 4.7.4
WordPress Visual Composer Plugin <= 4.7.3 - Cross Site Scripting
Medium 5.4
2020-11-16< 6.4.1
CVE-2020-28650