CVE Catalog
CVE-2026-57754
MediumCVSS 6.5Summary
The Livemesh Addons for WPBakery Page Builder plugin version 3.9.4 and earlier contains a Cross Site Scripting (XSS) vulnerability in the Contributor functionality. This allows an attacker to inject malicious JavaScript code into the page.
Risk Assessment
The risk involves potential session hijacking, redirection to malicious sites, or theft of sensitive data, which could compromise the organization's security and reputation.
Recommendation
It is recommended to immediately update the Livemesh Addons for WPBakery Page Builder plugin to the latest available version that fixes this vulnerability.
Original NVD description (English source)
Contributor Cross Site Scripting (XSS) in Livemesh Addons for WPBakery Page Builder <= 3.9.4 versions.

