What is GHSA-hqhf-c4j5-73hq?

GHSA-hqhf-c4j5-73hq is a security advisory published by GitHub Security Advisories with High severity. The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code...

Which CVE IDs does GHSA-hqhf-c4j5-73hq cover?

GHSA-hqhf-c4j5-73hq covers the following CVE IDs: CVE-2026-1829. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-hqhf-c4j5-73hq?

GHSA-hqhf-c4j5-73hq has a CVSS v3 base score of 8.8, published by GitHub Security Advisories.

GHSA-hqhf-c4j5-73hqHighCVSS 8.8

The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code...

Vendor

GitHub Security Advisories

Published

June 2, 2026

Last Modified

June 2, 2026

🔗 CVE IDs covered (1)

CVE-2026-1829 →

📋 Description

The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.02 via the 'et_pb_text' shortcode 'cvdb_content_visibility_check' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server.

🔗 References (5)

https://nvd.nist.gov/vuln/detail/CVE-2026-1829
https://plugins.trac.wordpress.org/browser/content-visibility-for-divi-builder/tags/4.01/includes/plugin.class.php#L229
https://plugins.trac.wordpress.org/changeset/3543621/content-visibility-for-divi-builder
https://www.wordfence.com/threat-intel/vulnerabilities/id/2ea89c44-8ed0-4ab7-a049-4d1b03a898c7?source=cve
https://github.com/advisories/GHSA-hqhf-c4j5-73hq