CVE-2025-11161 | WPBakery Page Builder Plugin up to 8.6.1 on WordPress vc_custom_heading font_container cross site scripting

A vulnerability was found in WPBakery Page Builder Plugin up to 8.6.1 on WordPress. It has been classified as problematic. Affected by this vulnerability is the function vc_custom_heading. Performing manipulation of the argument font_container results in cross site scripting.

This vulnerability is known as CVE-2025-11161. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More