Ultimate addons for wpbakery page builder

This hub aggregates every CVE we track for Ultimate addons for wpbakery page builder, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 11 most recently published vulnerabilities affecting Ultimate addons for wpbakery page builder.

• CVE-2026-34889WordPress Ultimate Addons for WPBakery Page Builder plugin < 3.21.4 - Cross Site Scripting (XSS) vulnerability6.5Apr 1, 2026
• CVE-2026-28038WordPress Ultimate Addons for WPBakery Page Builder plugin <= 3.21.1 - Broken Access Control vulnerability6.5Mar 5, 2026
• CVE-2025-48088WordPress Ultimate Addons for WPBakery Page Builder plugin < 3.21.1 - Cross Site Scripting (XSS) vulnerability6.5Oct 27, 2025
• CVE-2024-5251Ultimate Addons for WPBakery Page Builder <= 3.19.20 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode6.4Jul 17, 2024
• CVE-2024-5253Ultimate Addons for WPBakery Page Builder <= 3.19.20 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode6.4Jul 17, 2024
• CVE-2024-5252Ultimate Addons for WPBakery Page Builder <= 3.19.20 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode6.4Jul 17, 2024
• CVE-2024-5255Ultimate Addons for WPBakery Page Builder <= 3.19.20 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode6.4Jul 17, 2024
• CVE-2024-5254Ultimate Addons for WPBakery Page Builder <= 3.19.20 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode6.4Jul 17, 2024
• CVE-2023-46205WordPress Ultimate Addons for WPBakery Page Builder plugin <= 3.19.14 - Local File Inclusion vulnerability7.1May 17, 2024
• CVE-2023-51402WordPress Ultimate Addons for WPBakery Page Builder Plugin <= 3.19.17 is vulnerable to Cross Site Request Forgery (CSRF)4.3Dec 29, 2023
• CVE-2023-46211WordPress Ultimate Addons for WPBakery Page Builder Plugin <= 3.19.14 is vulnerable to Cross Site Scripting (XSS)6.5Oct 27, 2023