Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in voidcoders WPBakery Visual Composer WHMCS Elements void-visual-whmcs-element allows DOM-Based XSS.This issue affects WPBakery Visual Composer WHMCS Elements: from n/a through <= 1.0.4.3.
References
Configurations
No configuration.
History
23 Apr 2026, 15:36
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.9 |
20 Jan 2026, 15:19
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
|
24 Dec 2025, 20:16
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
24 Dec 2025, 13:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-12-24 13:16
Updated : 2026-06-17 09:59
NVD link : CVE-2025-68574
Mitre link : CVE-2025-68574
CVE.ORG link : CVE-2025-68574
JSON object : View
Products Affected
No product.
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
