CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/04/15 10:21 a.m.•5 views

CVE-2026-40744

5.9AI score0.0022EPSS

Positive Technologies•added 2026/04/15 12:0 a.m.•6 views

PT-2026-33046

Name of the Vulnerable Software and Affected Versions Beaver Builder versions prior to 2.10.1.3 Description Improper neutralization of special elements used in an SQL command allows for Blind SQL Injection. Blind SQL Injection is a type of attack where the application does not return data directl...

8.5CVSS5.9AI score0.0022EPSS

Exploits0References4

RedhatCVE•added 2026/03/26 3:17 p.m.•5 views

CVE-2026-32395

Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder - Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder - Lite: from n/a through = 1.5.6...

5.3CVSS5.8AI score0.00199EPSS

EUVD•added 2026/03/13 9:31 p.m.•4 views

EUVD-2026-11909

Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder Lite: from n/a through = 1.5.6...

5.3CVSS5.8AI score0.00199EPSS

NVD•added 2026/03/13 7:54 p.m.•3 views

CVE-2026-32395

Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder – Lite: from n/a through = 1.5.6...

5.3CVSS0.00199EPSS

CVE•added 2026/03/13 11:42 a.m.•5 views

CVE-2026-32395

The CVE affects WordPress Xpro Addons For Beaver Builder – Lite (xpro-addons-beaver-builder-elementor) with versions up to and including 1.5.6. It describes a Missing Authorization vulnerability that enables Exploiting Incorrectly Configured Access Control Security Levels, i.e., a broken access c...

5.3CVSS5.1AI score0.00199EPSS

Cvelist•added 2026/03/13 11:42 a.m.•29 views

CVE-2026-32395 WordPress Xpro Addons For Beaver Builder – Lite plugin <= 1.5.6 - Broken Access Control vulnerability

5.3CVSS0.00199EPSS

Vulnrichment•added 2026/03/13 11:42 a.m.•2 views

CVE-2026-32395 WordPress Xpro Addons For Beaver Builder – Lite plugin <= 1.5.6 - Broken Access Control vulnerability

5.8AI score0.00199EPSS

Positive Technologies•added 2026/03/13 12:0 a.m.•7 views

PT-2026-25241

5.3CVSS5.8AI score0.00199EPSS

Exploits0References4

Patchstack•added 2026/02/02 7:39 p.m.•7 views

WordPress Ultimate Addons for Beaver Builder - Lite plugin <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Info Table Widget vulnerability

WordPress Ultimate Addons for Beaver Builder - Lite plugin = 1.5.7 - Authenticated Contributor+ Stored Cross-Site Scripting via Info Table Widget vulnerability discovered by Francesco Carlucci in WordPress Plugin Ultimate Addons for Beaver Builder – Lite versions = 1.5.7...

6.4CVSS8.3AI score0.00433EPSS

Patchstack•added 2026/02/02 7:39 p.m.•5 views

WordPress Ultimate Addons for Beaver Builder - Lite plugin <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Advanced Icons Widget vulnerability

WordPress Ultimate Addons for Beaver Builder - Lite plugin = 1.5.7 - Authenticated Contributor+ Stored Cross-Site Scripting via Advanced Icons Widget vulnerability discovered by Francesco Carlucci in WordPress Plugin Ultimate Addons for Beaver Builder – Lite versions = 1.5.7...

6.4CVSS8.3AI score0.00343EPSS

Patchstack•added 2026/02/02 7:38 p.m.•7 views

WordPress Ultimate Addons for Beaver Builder - Lite plugin <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Heading Widget vulnerability

WordPress Ultimate Addons for Beaver Builder - Lite plugin = 1.5.7 - Authenticated Contributor+ Stored Cross-Site Scripting via Heading Widget vulnerability discovered by Francesco Carlucci in WordPress Plugin Ultimate Addons for Beaver Builder – Lite versions = 1.5.7...

6.4CVSS8.3AI score0.00343EPSS

Patchstack•added 2026/02/02 7:37 p.m.•6 views

WordPress Ultimate Addons for Beaver Builder - Lite plugin <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Separator Widget vulnerability

WordPress Ultimate Addons for Beaver Builder - Lite plugin = 1.5.7 - Authenticated Contributor+ Stored Cross-Site Scripting via Image Separator Widget vulnerability discovered by Francesco Carlucci in WordPress Plugin Ultimate Addons for Beaver Builder – Lite versions = 1.5.7...

6.4CVSS8.3AI score0.00433EPSS

CVE•added 2026/01/22 4:52 p.m.•14 views

CVE-2025-69319

CVE-2025-69319 is an authenticated (Contributor+) remote code execution vulnerability in Beaver Builder Page Builder (Beaver Builder Lite) affecting versions up to 2.9.4.1. The issue is described as an arbitrary code execution via code generation/injection. The Wordfence vulnerability report conf...

7.5CVSS5.4AI score0.00273EPSS

Positive Technologies•added 2026/01/22 12:0 a.m.•6 views

PT-2026-4197

Improper Control of Generation of Code 'Code Injection' vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Code Injection.This issue affects Beaver Builder: from n/a through = 2.9.4.1...

5.4AI score0.00273EPSS

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-28152

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00215EPSS

ATTACKERKB•added 2025/05/19 3:15 p.m.•5 views

CVE-2025-48232

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Stored XSS.This issue affects Xpro Addons For Beaver Builder – Lite: from n/a through = 1.5.5...

6.5CVSS5.2AI score0.00215EPSS

NVD•added 2025/05/19 3:15 p.m.•9 views

CVE-2025-48232

6.5CVSS0.00215EPSS

CNNVD•added 2025/05/19 12:0 a.m.•2 views

WordPress plugin Xpro Addons For Beaver Builder Lite 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS6AI score0.00215EPSS