CVE-2024-30183

WordPress WPBakery Page Builder Addons by Livemesh plugin <= 3.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for WPBakery Page Builder allows Stored XSS.This issue affects Livemesh Addons for WPBakery Page Builder: from n/a through 3.7.


We have discovered 3,366 live websites that are affected by CVE-2024-30183.

Contact us to get more info




Affected Software

Product  Addons For Visual Composer
Category Wordpress Plugins
Vulnerable Domains3,366 live websites (48.83% of Addons For Visual Composer install base)
Vulnerable Versions
  • from 0 through 3.7
Vulnerable Versions Count40 versions ( 86.96% of all versions)


Common Weakness Enumeration

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')



Details

  • Published - Mar 27, 2024
  • Updated - Aug 5, 2024

Credits

  • Abu Hurayra (Patchstack Alliance) (finder)

CVE-2024-30183 usage by Country

United States969 websites



Germany351 websites
Italy258 websites
France249 websites
Russia150 websites
GB108 websites
Spain99 websites
Poland74 websites
Brazil67 websites
Netherlands65 websites

CVE-2024-30183 usage by TLD

.com1,358 websites
.it194 websites
.org158 websites
.de127 websites
.ru125 websites
.com.br82 websites
.fr74 websites
.net73 websites
.pl56 websites
.nl51 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2024-30183

Top websites that are affected by CVE-2024-30183. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
******.com United States**,***
*************.com United States***,***
*******.org United States***,***
******************.de Germany***,***
*****************.com India***,***
*************.org United States***,***
*************.net United States***,***
*******.com United States***,***
*****************.org United States***,***
***********.org France***,***
See full domain list

FAQ

CVE-2024-30183 is Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Addons For Visual Composer
A total of 3,366 websites have been identified as vulnerable to CVE-2024-30183, discovered through global website indexing conducted by WebTechSurvey.
Addons For Visual Composer is susceptible to CVE-2024-30183 vulnerability.
Addons For Visual Composer versions before, and including, 3.7 are vulnerable to CVE-2024-30183.