Page Builder by SiteOrigin WordPress Vulnerability Affects Up To 500k Sites
By Roger Montti
Published on March 3, 2026.
A high-severity vulnerability has been discovered in the Page Builder by SiteOrigin WordPress plugin, which is installed on over 500,000 websites. The vulnerability is rated 8.8 on the CVSS severity scale. The plugin is vulnerable to Local File Inclusion, which means it can be forced to load files from the server without properly restricting which files are allowed. An attacker must have Contributor-level access or higher to include and execute arbitrary files on the server, allowing for the execution of any PHP code in these files. The issue has been fixed in version 2.34.0.
Related Articles
New M5 MacBook Air gets double the storage, Wi-Fi 7, and a higher price
Apple's new M5 MacBook Air offers double storage, upgraded wireless connectivity, and increased battery life, starting with a price increase of up to $10,000 for the first time.
HP 15.6" Laptop Drops 45% and Bundles Microsoft 365 at No Extra Cost Only on Amazon
HP Ultrabook 15.6 offers a superior screen, 16GB of RAM, and included Microsoft 365 support, selling for $300 on Amazon.
M5 Pro and M5 Max arrive in MacBook Pro, but little else has changed
Apple's latest Mac update features the M5 Pro and M5 Max, with higher specs and higher prices, but overall features remain unchanged.