Fastlinemedia

Beaver Builder

31 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2024-9049

  • EPSS 0.29%
  • Veröffentlicht 27.09.2024 07:15:06
  • Zuletzt bearbeitet 04.10.2024 18:53:10

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button Group module in all versions up to, and including, 2.8.3.6 due to insufficient input sanitization and output escapin...

6.1

CVE-2024-43926

  • EPSS 0.55%
  • Veröffentlicht 29.08.2024 18:15:09
  • Zuletzt bearbeitet 02.01.2025 17:28:40

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder allows Reflected XSS.This issue affects Beaver Builder: from n/a through 2.8.3.2.

5.4

CVE-2024-7895

  • EPSS 0.44%
  • Veröffentlicht 29.08.2024 11:15:29
  • Zuletzt bearbeitet 15.04.2025 15:09:05

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘type’ parameter in all versions up to, and including, 2.8.3.5 due to insufficient input sanitization and output escaping. This make...

5.4

CVE-2024-37500

  • EPSS 0.14%
  • Veröffentlicht 21.07.2024 08:15:03
  • Zuletzt bearbeitet 31.01.2025 18:15:55

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder allows Stored XSS.This issue affects Beaver Builder: from n/a through 2.8.2.2.

5.4

CVE-2024-4430

  • EPSS 0.27%
  • Veröffentlicht 14.05.2024 15:43:43
  • Zuletzt bearbeitet 08.01.2025 18:43:41

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the photo widget crop attribute in all versions up to, and including, 2.8.1.2 due to insufficient input sanitization and output escaping...

5.4

CVE-2024-3923

  • EPSS 0.21%
  • Veröffentlicht 14.05.2024 15:42:35
  • Zuletzt bearbeitet 08.01.2025 18:43:59

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the link_target parameter in all versions up to, and including, 2.8.1.1 due to insufficient input sanitization and output escaping. This...

5.4

CVE-2024-2925

  • EPSS 0.21%
  • Veröffentlicht 02.04.2024 07:16:13
  • Zuletzt bearbeitet 08.01.2025 18:28:36

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button Widget in all versions up to, and including, 2.8.0.5 due to insufficient input sanitization and output escaping on u...

5.4

CVE-2024-30425

  • EPSS 0.13%
  • Veröffentlicht 29.03.2024 14:15:08
  • Zuletzt bearbeitet 31.01.2025 19:59:44

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder allows Stored XSS.This issue affects Beaver Builder: from n/a through 2.7.4.4.

5.4

CVE-2024-1080

  • EPSS 0.17%
  • Veröffentlicht 13.03.2024 16:15:16
  • Zuletzt bearbeitet 02.01.2025 16:41:30

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the via the heading tag in all versions up to, and including, 2.7.4.4 due to insufficient input sanitization and output escaping. This m...

5.4

CVE-2024-1074

  • EPSS 0.23%
  • Veröffentlicht 13.03.2024 16:15:16
  • Zuletzt bearbeitet 02.01.2025 17:10:07

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the audio widget 'link_url' parameter in all versions up to, and including, 2.7.4.2 due to insufficient input sanitization and output es...