Lucene search
K

829 matches found

CVE
CVE
added 2026/04/15 10:21 a.m.13 views

CVE-2026-40744

CVE-2026-40744 concerns the WordPress Beaver Builder plugin (lite version) with a Blind SQL Injection vulnerability in Beaver Builder

8.5CVSS5.9AI score0.0022EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/15 10:21 a.m.8 views

CVE-2026-40744

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Blind SQL Injection.This issue affects Beaver Builder: from n/a through = 2.10.1.2...

5.9AI score0.0022EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/15 10:21 a.m.3 views

CVE-2026-40744 WordPress Beaver Builder plugin <= 2.10.1.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Blind SQL Injection.This issue affects Beaver Builder: from n/a through = 2.10.1.2...

8.5CVSS5.9AI score0.0022EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.6 views

PT-2026-33046

Name of the Vulnerable Software and Affected Versions Beaver Builder versions prior to 2.10.1.3 Description Improper neutralization of special elements used in an SQL command allows for Blind SQL Injection. Blind SQL Injection is a type of attack where the application does not return data directl...

8.5CVSS5.9AI score0.0022EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.12 views

WordPress plugin Beaver Builder 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

8.5CVSS5.9AI score0.0022EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/04/09 6:38 p.m.4 views

WordPress Beaver Builder Page Builder - Drag and Drop Website Builder plugin <= 2.10.1.1 - Authenticated (Author+) Stored Cross-Site Scripting via 'settings[js]' vulnerability

WordPress Beaver Builder Page Builder - Drag and Drop Website Builder plugin = 2.10.1.1 - Authenticated Author+ Stored Cross-Site Scripting via 'settingsjs' vulnerability discovered by WordFence in WordPress Plugin Beaver Builder versions = 2.10.1.1...

6.4CVSS5.9AI score0.00261EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/04/08 12:16 p.m.2 views

CVE-2026-2481

The Beaver Builder Page Builder – Drag and Drop Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'settingsjs' parameter in versions up to, and including, 2.10.1.1 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00261EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/08 11:16 a.m.22 views

CVE-2026-2481 Beaver Builder Page Builder – Drag and Drop Website Builder <= 2.10.1.1 - Authenticated (Author+) Stored Cross-Site Scripting via 'settings[js]'

The Beaver Builder Page Builder – Drag and Drop Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'settingsjs' parameter in versions up to, and including, 2.10.1.1 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00261EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/08 11:16 a.m.4 views

CVE-2026-2481

The Beaver Builder Page Builder – Drag and Drop Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'settingsjs' parameter in versions up to, and including, 2.10.1.1 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS6.1AI score0.00261EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/08 11:16 a.m.1 views

CVE-2026-2481 Beaver Builder Page Builder – Drag and Drop Website Builder <= 2.10.1.1 - Authenticated (Author+) Stored Cross-Site Scripting via 'settings[js]'

The Beaver Builder Page Builder – Drag and Drop Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'settingsjs' parameter in versions up to, and including, 2.10.1.1 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS6.1AI score0.00261EPSS
Exploits0References2
CVE
CVE
added 2026/04/08 11:16 a.m.10 views

CVE-2026-2481

CVE-2026-2481 affects the Beaver Builder Page Builder – Drag and Drop Website Builder for WordPress. The vulnerability is a Stored Cross-Site Scripting flaw in the plugin's settings[js] parameter, arising from insufficient input sanitization and output escaping in versions up to and including 2.1...

6.4CVSS6.1AI score0.00261EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.8 views

WordPress plugin Beaver Builder Page Builder 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.8AI score0.00261EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.6 views

PT-2026-31293

Name of the Vulnerable Software and Affected Versions Beaver Builder Page Builder versions up to and including 2.10.1.1 Description The Beaver Builder Page Builder plugin for WordPress is susceptible to Stored Cross-Site Scripting through the settingsjs parameter due to inadequate input...

6.4CVSS5.8AI score0.00261EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/26 3:17 p.m.5 views

CVE-2026-32395

Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder - Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder - Lite: from n/a through = 1.5.6...

5.3CVSS5.8AI score0.00199EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/23 12:51 p.m.7 views

WordPress Beaver Builder plugin <= 2.10.1.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin Beaver Builder versions = 2.10.1.2...

6AI score0.0022EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/03/13 9:31 p.m.5 views

EUVD-2026-11909

Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder Lite: from n/a through = 1.5.6...

5.3CVSS5.8AI score0.00199EPSS
Exploits0References2
NVD
NVD
added 2026/03/13 7:54 p.m.3 views

CVE-2026-32395

Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder – Lite: from n/a through = 1.5.6...

5.3CVSS0.00199EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/13 11:42 a.m.3 views

CVE-2026-32395

Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder – Lite: from n/a through = 1.5.6...

5.3CVSS5.1AI score0.00199EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/13 11:42 a.m.30 views

CVE-2026-32395 WordPress Xpro Addons For Beaver Builder – Lite plugin <= 1.5.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder – Lite: from n/a through = 1.5.6...

5.3CVSS0.00199EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/13 11:42 a.m.2 views

CVE-2026-32395 WordPress Xpro Addons For Beaver Builder – Lite plugin <= 1.5.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder Lite: from n/a through = 1.5.6...

5.8AI score0.00199EPSS
Exploits0References1
Rows per page
Query Builder