829 matches found
CVE-2026-40744
CVE-2026-40744 concerns the WordPress Beaver Builder plugin (lite version) with a Blind SQL Injection vulnerability in Beaver Builder
CVE-2026-40744
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Blind SQL Injection.This issue affects Beaver Builder: from n/a through = 2.10.1.2...
CVE-2026-40744 WordPress Beaver Builder plugin <= 2.10.1.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Blind SQL Injection.This issue affects Beaver Builder: from n/a through = 2.10.1.2...
PT-2026-33046
Name of the Vulnerable Software and Affected Versions Beaver Builder versions prior to 2.10.1.3 Description Improper neutralization of special elements used in an SQL command allows for Blind SQL Injection. Blind SQL Injection is a type of attack where the application does not return data directl...
WordPress plugin Beaver Builder 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
WordPress Beaver Builder Page Builder - Drag and Drop Website Builder plugin <= 2.10.1.1 - Authenticated (Author+) Stored Cross-Site Scripting via 'settings[js]' vulnerability
WordPress Beaver Builder Page Builder - Drag and Drop Website Builder plugin = 2.10.1.1 - Authenticated Author+ Stored Cross-Site Scripting via 'settingsjs' vulnerability discovered by WordFence in WordPress Plugin Beaver Builder versions = 2.10.1.1...
CVE-2026-2481
The Beaver Builder Page Builder – Drag and Drop Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'settingsjs' parameter in versions up to, and including, 2.10.1.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-2481 Beaver Builder Page Builder – Drag and Drop Website Builder <= 2.10.1.1 - Authenticated (Author+) Stored Cross-Site Scripting via 'settings[js]'
The Beaver Builder Page Builder – Drag and Drop Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'settingsjs' parameter in versions up to, and including, 2.10.1.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-2481
The Beaver Builder Page Builder – Drag and Drop Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'settingsjs' parameter in versions up to, and including, 2.10.1.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-2481 Beaver Builder Page Builder – Drag and Drop Website Builder <= 2.10.1.1 - Authenticated (Author+) Stored Cross-Site Scripting via 'settings[js]'
The Beaver Builder Page Builder – Drag and Drop Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'settingsjs' parameter in versions up to, and including, 2.10.1.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-2481
CVE-2026-2481 affects the Beaver Builder Page Builder – Drag and Drop Website Builder for WordPress. The vulnerability is a Stored Cross-Site Scripting flaw in the plugin's settings[js] parameter, arising from insufficient input sanitization and output escaping in versions up to and including 2.1...
WordPress plugin Beaver Builder Page Builder 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-31293
Name of the Vulnerable Software and Affected Versions Beaver Builder Page Builder versions up to and including 2.10.1.1 Description The Beaver Builder Page Builder plugin for WordPress is susceptible to Stored Cross-Site Scripting through the settingsjs parameter due to inadequate input...
CVE-2026-32395
Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder - Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder - Lite: from n/a through = 1.5.6...
WordPress Beaver Builder plugin <= 2.10.1.2 - SQL Injection vulnerability
SQL Injection vulnerability discovered by daroo in WordPress Plugin Beaver Builder versions = 2.10.1.2...
EUVD-2026-11909
Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder Lite: from n/a through = 1.5.6...
CVE-2026-32395
Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder – Lite: from n/a through = 1.5.6...
CVE-2026-32395
Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder – Lite: from n/a through = 1.5.6...
CVE-2026-32395 WordPress Xpro Addons For Beaver Builder – Lite plugin <= 1.5.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder – Lite: from n/a through = 1.5.6...
CVE-2026-32395 WordPress Xpro Addons For Beaver Builder – Lite plugin <= 1.5.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder Lite: from n/a through = 1.5.6...