#SiteOrigin
LightNews LightNews
cve.skyfleet.blue
CVE-2025-5585 - SiteOrigin Widgets Bundle Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-5585

Published : June 25, 2025, 3:15 a.m. | 2 hours, 51 minutes ago

Description : The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site S...
CVE-2025-5585 - SiteOrigin Widgets Bundle Stored Cross-Site Scripting Vulnerability
The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-url` DOM Element Attribute in all versions up to, and including, 1.68.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary …
cvefeed.io
June 25, 2025 at 6:19 AM
vulnerability-lookup.social.circl.lu.ap.brid.gy
You can now share your thoughts on vulnerability CVE-2025-5585 in Vulnerability-Lookup:
https://vulnerability.circl.lu/vuln/CVE-2025-5585

gpriday - SiteOrigin Widgets Bundle

#vulnerabilitylookup #vulnerability #cybersecurity #bot
cvelistv5 - CVE-2025-5585
Vulnerability-Lookup - Fast vulnerability lookup correlation from different sources.
vulnerability.circl.lu
June 25, 2025 at 2:42 AM
2rzikkbou3ntafnir2qmmse0gwz.activitypub.awakari.com.ap.brid.gy
SiteOrigin Widgets Bundle <= 1.68.5 - Authenticated (Contributor+) Stored Cro... The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-url...

Origin | Interest | Match
CVE-2025-5585 | THREATINT
The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-url` DOM Element Attribute in all versions up to, and including, 1.68.4 due to insufficient input sanitization and output escaping. This makes it possible for authenti...
cve.threatint.eu
June 25, 2025 at 3:33 AM
cve.skyfleet.blue
CVE-2025-1459 - "SiteOrigin Page Builder Stored Cross-Site Scripting Vulnerability"
CVE ID : CVE-2025-1459

Published : March 1, 2025, 7:15 a.m. | 44 minutes ago

Description : The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
CVE-2025-1459 - "SiteOrigin Page Builder Stored Cross-Site Scripting Vulnerability"
The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Embedded Video(PB) widget in all versions up to, and including, 2.31.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary …
cvefeed.io
March 1, 2025 at 9:58 AM
cve.skyfleet.blue
CVE-2024-12240 - SiteOrigin Page Builder Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2024-12240

Published : Jan. 14, 2025, 11:15 a.m. | 31 minutes ago

Description : The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scriptin...
CVE-2024-12240 - SiteOrigin Page Builder Stored Cross-Site Scripting Vulnerability
The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the row label parameter in all versions up to, and including, 2.31.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary …
cvefeed.io
January 14, 2025 at 11:53 AM
cve-notifications.bsky.social
ID: CVE-2024-12240
CVSS V3.1: MEDIUM
The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the row label parameter in all versions up to, and including, 2.31.0 due to insufficient input sanitization and output escaping....
#security #infosec #cve-alert
nvd.nist.gov
January 14, 2025 at 11:15 AM
cve-notifications.bsky.social
ID: CVE-2024-54268
CVSS V3.1: MEDIUM
Missing Authorization vulnerability in SiteOrigin SiteOrigin Widgets Bundle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteOrigin Widgets Bundle: from n/a through 1.64.0.
#security #infosec #cve-alert
nvd.nist.gov
December 13, 2024 at 3:22 PM
xwolf.de
Bitte nutzt kein DIVI mehr für Websites, wenn euch die Menschen, die eure Website besuchen, am Herzen legen.

#Barrierefreiheit
Quelle des Bildes: equalizedigital.com/wordpress-pa...

Mit dem Block Editor sind Page Builder in #WordPress generell kritisch zu hinterfragen.
Page builders ranked from best to worst Rank Page Builder Percent Passing 1 Kadence WP 75.95% 2 Elementor 70.13% 3 GeneratePress 67.80% 4 Avada 59.21% 5 Breakdance 54.67% 6 CoBlocks 52.38% 7 SiteOrigin 51.90% 8 Bricks 50.00% 9 Beaver Builder 48.00% 10 Divi 16.22%
December 6, 2024 at 8:53 AM
evan.best
I use SiteOrigin Page Builder and love it for its simplicity. 🫣

That said, I’ve used Elementor it minimally and host a few sites with it. Of the heavyweight visual builders, it’s one of the better ones. Lots of bells and whistles, clean UI, and I don’t despise the interface like, say, WPBakery.
November 21, 2024 at 4:16 PM
pss-for-wp.bsky.social
The SiteOrigin Widgets Bundle plugin for WordPress was graded with the Plugin Security Scorecard and got a B.
Security Scorecard for SiteOrigin Widgets Bundle Plugin for WordPress
The SiteOrigin Widgets Bundle plugin for WordPress has a security grade of B.
www.pluginvulnerabilities.com
October 30, 2024 at 10:21 PM
pss-for-wp.bsky.social
The SiteOrigin Widgets Bundle plugin for WordPress was graded with the Plugin Security Scorecard and got a B.
Security Scorecard for SiteOrigin Widgets Bundle Plugin for WordPress
The SiteOrigin Widgets Bundle plugin for WordPress has a security grade of B.
www.pluginvulnerabilities.com
October 29, 2024 at 8:22 PM
cve-notifications.bsky.social
ID: CVE-2024-5901
CVSS V3.1: MEDIUM
The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Grid widget in all versions up to, and including, 1.62.2 due to insufficient input sanitization and output escaping on...
#security #infosec #cve-alert
nvd.nist.gov
July 30, 2024 at 9:15 PM
podfeet.bsky.social
Cleanup After the Great Podcast Migration of 2024

www.podfeet.com/blog/2024/07...

#TextExpander #SiteOrigin #Feeder #ProgrammingByStealth #AppleShortcuts @[email protected] @[email protected] @[email protected]
Cleanup After the Great Podcast Migration of 2024 - Podfeet Podcasts
Recap When I made the decision to clean up my sprawling podcast empire, I didn’t really think about how intertwined my processes were. I thought it would be fun to talk about the cleanup I had to do o...
www.podfeet.com
July 24, 2024 at 9:34 PM
evan.best
I mostly build in SiteOrigin still, as i find it flexible without the heavy load of elementor.

Just as long as we agree that WPBakery is hot garbage.
April 12, 2023 at 9:53 PM