SiteOrigin Widgets Bundle

Greg - SiteOrigin

Developer

1.70.2

Latest version

400,000

Installations

Nov 13, 2025

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Vulnerability history

0 present

10 fixed

0 Mitigation rules

Authenticated (Contributor+) Stored Cross-Site Scripting via `data-url` DOM Element Attribute vulnerability
<= 1.68.5
Jun 24, 2025
Broken Access Control vulnerability
<= 1.64.0
Dec 10, 2024
Authenticated (Contributor+) Stored Cross-Site Scripting in Image Grid widget vulnerability
<= 1.62.2
Jul 30, 2024
Authenticated Stored Cross-Site Scripting vulnerability
<= 1.61.1
Jun 10, 2024
WordPress SiteOrigin Widgets Bundle plugin <= 1.60.0 - - Authenticated (Contributor+) Stored Cross-Site Scripting via 'siteorigin_widget' Shortcode vulnerability
<= 1.60.0
May 22, 2024
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
<= 1.58.7
Mar 4, 2024
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
<= 1.58.2
Feb 13, 2024
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
<= 1.58.3
Feb 13, 2024
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
<= 1.58.1
Jan 30, 2024
Authenticated (Admin+) Local File Inclusion vulnerability
<= 1.50.1
Nov 29, 2023