829 matches found
WordPress Livemesh Addons for Beaver Builder plugin <= 3.9.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Livemesh Addons for Beaver Builder versions = 3.9.2...
WordPress plugin Livemesh Addons for Beaver Builder 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-54326
Name of the Vulnerable Software and Affected Versions Livemesh Addons for Beaver Builder versions through 3.9.2 Description The software contains a flaw related to improper handling of user-supplied data when creating web pages, potentially leading to Cross-site Scripting XSS. This issue allows f...
WordPress Beaver Builder Plugin (Starter Version) plugin <= 2.9.1 - Authenticated (Administrator+) Arbitrary File Upload vulnerability
Authenticated Administrator+ Arbitrary File Upload vulnerability discovered by Tom Broucke - Otomaties in WordPress Plugin Beaver Builder Plugin Starter Version versions = 2.9.1...
CVE-2025-12934
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'duplicatewpmllayout' function in all versions up to, and including, 2.9.4.1. This makes it possible for authenticated attackers,...
EUVD-2025-204782
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'duplicatewpmllayout' function in all versions up to, and including, 2.9.4.1. This makes it possible for authenticated attackers,...
CVE-2025-12934
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'duplicatewpmllayout' function in all versions up to, and including, 2.9.4.1. This makes it possible for authenticated attackers,...
CVE-2025-12934 Beaver Builder – WordPress Page Builder <= 2.9.4.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Update
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'duplicatewpmllayout' function in all versions up to, and including, 2.9.4.1. This makes it possible for authenticated attackers,...
CVE-2025-12934
CVE-2025-12934 affects the Beaver Builder Page Builder for WordPress. Wordfence’s vulnerability detail describes a missing capability check in the duplicate_wpml_layout function that exists in Beaver Builder versions up to and including 2.9.4.1. This permits authenticated attackers with Subscribe...
CVE-2025-12934 Beaver Builder – WordPress Page Builder <= 2.9.4.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Update
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'duplicatewpmllayout' function in all versions up to, and including, 2.9.4.1. This makes it possible for authenticated attackers,...
WordPress Beaver Builder – WordPress Page Builder plugin <= 2.9.4.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Update vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Post Update vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Beaver Builder versions = 2.9.4.1...
WordPress plugin Beaver Builder 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
PT-2025-52730
Name of the Vulnerable Software and Affected Versions Beaver Builder – WordPress Page Builder plugin versions prior to 2.9.4.1 Description The Beaver Builder – WordPress Page Builder plugin for WordPress is susceptible to unauthorized access and modification of data. This is due to a missing...
WordPress Plugin Beaver Builder Information Disclosure Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information...
CVE-2025-12558
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.4 via the 'getattachmentsizes' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extra...
EUVD-2025-202053
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.4 via the 'getattachmentsizes' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extra...
CVE-2025-12558
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.4 via the 'getattachmentsizes' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extra...
CVE-2025-12558
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.4 via the 'getattachmentsizes' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extra...
CVE-2025-12558 Beaver Builder – WordPress Page Builder <= 2.9.4 - Authenticated (Contributor+) Sensitive Information Exposure
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.4 via the 'getattachmentsizes' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extra...
CVE-2025-12558
CVE-2025-12558 (Beaver Builder – WordPress Page Builder) exposes sensitive information via the get_attachment_sizes function. All versions up to and including 2.9.4 are affected. Exploitation requires authentication at Contributor level or higher, enabling an attacker to extract the path and meta...