Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.1
WP Bakery Autoresponder Addon allows malicious code to be stored
CVE-2026-27363
Summary
A vulnerability in the WP Bakery Autoresponder Addon for WordPress allows an attacker to inject malicious code into the website, which can be executed by visitors. This can lead to unauthorized actions, such as stealing user data or spreading malware. To fix this, update the WP Bakery Autoresponder Addon to version 1.0.7 or later.
Original title
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kamleshyadav WP Bakery Autoresponder Addon vc-autoresponder-addon allows Stored XSS.This issue ...
Original description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kamleshyadav WP Bakery Autoresponder Addon vc-autoresponder-addon allows Stored XSS.This issue affects WP Bakery Autoresponder Addon: from n/a through <= 1.0.6.
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026