Betterdocs Knowledge Base Docs Faq Solution For Elementor Block Editor

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-3875 MEDIUM This Month

Stored Cross-Site Scripting in BetterDocs WordPress plugin versions up to 4.3.8 allows authenticated attackers with contributor-level access to inject arbitrary JavaScript into pages via the 'betterdocs_feedback_form' shortcode due to insufficient input sanitization and output escaping. Injected scripts execute in the browsers of all users who view affected pages, enabling account compromise, credential theft, or malware distribution. No public exploit code or active exploitation has been identified at this time.

XSS WordPress Betterdocs Knowledge Base Docs Faq Solution For Elementor Block Editor
NVD VulDB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-3875
EPSS 0% CVSS 6.4
MEDIUM This Month

Stored Cross-Site Scripting in BetterDocs WordPress plugin versions up to 4.3.8 allows authenticated attackers with contributor-level access to inject arbitrary JavaScript into pages via the 'betterdocs_feedback_form' shortcode due to insufficient input sanitization and output escaping. Injected scripts execute in the browsers of all users who view affected pages, enabling account compromise, credential theft, or malware distribution. No public exploit code or active exploitation has been identified at this time.

XSS WordPress Betterdocs Knowledge Base Docs Faq Solution For Elementor Block Editor
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy