Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
WPBITS Addons For Elementor: Stored Malicious Code Injection Risk
CVE-2026-39703
Summary
WPBITS Addons For Elementor, a plugin for Elementor page builder, has a security issue that allows hackers to inject malicious code into a website. This can lead to unauthorized actions, such as stealing user data or spreading malware. You should update WPBITS Addons For Elementor to the latest version (1.8.2 or higher) to fix this issue.
Original title
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbits WPBITS Addons For Elementor Page Builder wpbits-addons-for-elementor allows Stored XSS.T...
Original description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbits WPBITS Addons For Elementor Page Builder wpbits-addons-for-elementor allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through <= 1.8.1.
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026