Fastlinemedia

Beaver Builder

31 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2024-1038

  • EPSS 0.81%
  • Veröffentlicht 13.03.2024 16:15:16
  • Zuletzt bearbeitet 02.01.2025 17:15:09

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to DOM-Based Reflected Cross-Site Scripting via a 'playground.wordpress.net' parameter in all versions up to, and including, 2.7.4.2 due to insufficient input sanitization...

5.4

CVE-2024-0897

  • EPSS 0.18%
  • Veröffentlicht 13.03.2024 16:15:15
  • Zuletzt bearbeitet 02.01.2025 17:15:24

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image URL parameter in all versions up to, and including, 2.7.4.2 due to insufficient input sanitization and output escaping. This m...

5.4

CVE-2024-0896

  • EPSS 0.21%
  • Veröffentlicht 13.03.2024 16:15:14
  • Zuletzt bearbeitet 02.01.2025 17:15:39

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button link parameter in all versions up to, and including, 2.7.4.2 due to insufficient input sanitization and output escaping. This...

5.4

CVE-2024-0871

  • EPSS 0.19%
  • Veröffentlicht 13.03.2024 16:15:14
  • Zuletzt bearbeitet 02.01.2025 17:16:05

The Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Icon Widget 'fl_builder_data[node_preview][link]' and 'fl_builder_data[settings][link_target]' parameters in all versions up to, and including, 2.7.4.2 due t...

5.4

CVE-2023-50889

  • EPSS 0.16%
  • Veröffentlicht 29.12.2023 12:15:45
  • Zuletzt bearbeitet 21.11.2024 08:37:28

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder – WordPress Page Builder allows Stored XSS.This issue affects Beaver Builder – WordPress Page Builder: from n...

9.8

CVE-2022-36425

  • EPSS 0.6%
  • Veröffentlicht 06.09.2022 18:15:15
  • Zuletzt bearbeitet 21.11.2024 07:12:59

Broken Access Control vulnerability in Beaver Builder plugin <= 2.5.4.3 at WordPress.

5.4

CVE-2022-2934

  • EPSS 0.91%
  • Veröffentlicht 06.09.2022 18:15:14
  • Zuletzt bearbeitet 21.11.2024 07:01:56

The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image URL' value found in the Media block in versions up to, and including, 2.5.5.2 due to insufficient input sanitization and output esca...

5.4

CVE-2022-2716

  • EPSS 0.91%
  • Veröffentlicht 06.09.2022 18:15:14
  • Zuletzt bearbeitet 21.11.2024 07:01:34

The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Text Editor' block in versions up to, and including, 2.5.5.2 due to insufficient input sanitization and output escaping. This makes it pos...

5.4

CVE-2022-2695

  • EPSS 0.91%
  • Veröffentlicht 06.09.2022 18:15:14
  • Zuletzt bearbeitet 21.11.2024 07:01:32

The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the 'caption' parameter added to images via the media uploader in versions up to, and including, 2.5.5.2 due to insufficient input sanitization...

5.4

CVE-2022-2517

  • EPSS 0.16%
  • Veröffentlicht 06.09.2022 18:15:14
  • Zuletzt bearbeitet 21.11.2024 07:01:09

The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Caption - On Hover' value associated with images in versions up to, and including, 2.5.5.2 due to insufficient input sanitization and outp...