Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in visualcomposer.Com Visual Composer Website Builder allows Stored XSS.This issue affects Visual Composer Website Builder: from n/a through 45.8.0.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Visualcomposer |
|
Configuration 1 [-]
|
No data.
No data.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-35412 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in visualcomposer.Com Visual Composer Website Builder allows Stored XSS.This issue affects Visual Composer Website Builder: from n/a through 45.8.0. |
Fixes
Solution
Update to 45.9.0 or a higher version.
Workaround
No workaround given by the vendor.
History
Mon, 14 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Sun, 13 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
MITRE
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2024-08-02T03:14:53.594Z
Reserved: 2024-05-17T10:08:10.963Z
Link: CVE-2024-35653
Vulnrichment
Updated: 2024-08-02T03:14:53.594Z
NVD
Status : Modified
Published: 2024-06-04T15:15:46.747
Modified: 2024-11-21T09:20:35.057
Link: CVE-2024-35653
Redhat
No data.
OpenCVE Enrichment
No data.