Lucene search
K

829 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:29 a.m.6 views

CVE-2023-50889

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in The Beaver Builder Team Beaver Builder – WordPress Page Builder allows Stored XSS.This issue affects Beaver Builder – WordPress Page Builder: from n/a through 2.7.2...

6.5CVSS6.7AI score0.00321EPSS
Exploits0References1
NVD
NVD
added 2026/01/08 5:15 p.m.4 views

CVE-2026-22488

Missing Authorization vulnerability in IdeaBox Creations Dashboard Welcome for Beaver Builder dashboard-welcome-for-beaver-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dashboard Welcome for Beaver Builder: from n/a through = 1.0.8...

5.3CVSS0.00176EPSS
Exploits0References1
CVE
CVE
added 2026/01/08 4:35 p.m.14 views

CVE-2026-22488

CVE-2026-22488 affects Dashboard Welcome for Beaver Builder (WordPress). The Initial Description notes a Missing Authorization vulnerability allowing access due to incorrectly configured Access Control Security Levels, impacting Dashboard Welcome for Beaver Builder versions from n/a up to 1.0.8. ...

5.3CVSS5.9AI score0.00176EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/08 4:35 p.m.4 views

CVE-2026-22488 WordPress Dashboard Welcome for Beaver Builder plugin <= 1.0.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in IdeaBox Creations Dashboard Welcome for Beaver Builder dashboard-welcome-for-beaver-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dashboard Welcome for Beaver Builder: from n/a through = 1.0.8...

5.3CVSS5.7AI score0.00176EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/08 4:35 p.m.36 views

CVE-2026-22488 WordPress Dashboard Welcome for Beaver Builder plugin <= 1.0.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in IdeaBox Creations Dashboard Welcome for Beaver Builder dashboard-welcome-for-beaver-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dashboard Welcome for Beaver Builder: from n/a through = 1.0.8...

5.3CVSS0.00176EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/08 12:0 a.m.3 views

WordPress plugin Dashboard Welcome for Beaver Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS6.4AI score0.00176EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.8 views

PT-2026-2190

Name of the Vulnerable Software and Affected Versions Dashboard Welcome for Beaver Builder versions through 1.0.8 Description An issue exists in Dashboard Welcome for Beaver Builder related to incorrectly configured access control security levels, allowing for missing authorization. The issue...

5.3CVSS6.6AI score0.00176EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/07 9:14 a.m.9 views

CVE-2024-2186

The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Team Members widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.8AI score0.00423EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:14 a.m.10 views

CVE-2024-2183

The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Heading widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.5AI score0.00423EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:13 a.m.12 views

CVE-2024-2925

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button Widget in all versions up to, and including, 2.8.0.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

6.4CVSS5.8AI score0.00408EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:13 a.m.6 views

CVE-2024-2187

The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonials widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.8AI score0.00423EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:12 a.m.3 views

CVE-2024-2163

The Ninja Beaver Add-ons for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 2.4.5 due to insufficient input sanitization and output escaping on user supplied attributes such as urls. This makes it...

6.4CVSS6.1AI score0.00267EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:12 a.m.7 views

CVE-2024-2181

The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Button widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.8AI score0.00423EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/07 6:40 a.m.5 views

WordPress Dashboard Welcome for Beaver Builder plugin <= 1.0.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Dashboard Welcome for Beaver Builder versions = 1.0.8...

5.3CVSS7AI score0.00176EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/01 1:34 p.m.6 views

CVE-2025-62990

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in livemesh Livemesh Addons for Beaver Builder addons-for-beaver-builder allows Stored XSS.This issue affects Livemesh Addons for Beaver Builder: from n/a through = 3.9.2...

6.5CVSS5.9AI score0.0013EPSS
Exploits0References1
NVD
NVD
added 2025/12/31 1:15 p.m.6 views

CVE-2025-62990

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in livemesh Livemesh Addons for Beaver Builder addons-for-beaver-builder allows Stored XSS.This issue affects Livemesh Addons for Beaver Builder: from n/a through = 3.9.2...

6.5CVSS0.0013EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/31 12:57 p.m.5 views

EUVD-2025-205971

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Livemesh Livemesh Addons for Beaver Builder addons-for-beaver-builder allows Stored XSS.This issue affects Livemesh Addons for Beaver Builder: from n/a through 3.9.2...

6.5CVSS5.5AI score0.0013EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/31 12:57 p.m.4 views

CVE-2025-62990 WordPress Livemesh Addons for Beaver Builder plugin <= 3.9.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Livemesh Livemesh Addons for Beaver Builder addons-for-beaver-builder allows Stored XSS.This issue affects Livemesh Addons for Beaver Builder: from n/a through 3.9.2...

6.5CVSS5.6AI score0.0013EPSS
Exploits0References1
CVE
CVE
added 2025/12/31 12:57 p.m.14 views

CVE-2025-62990

CVE-2025-62990 is a stored XSS in Livemesh Addons for Beaver Builder (Livemesh Addons for Beaver Builder) affecting versions up to 3.9.2. The issue is an authenticated Stored Cross-Site Scripting vulnerability caused by improper input neutralization during web page generation. The Wordfence vulne...

6.5CVSS5.9AI score0.0013EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/31 12:57 p.m.29 views

CVE-2025-62990 WordPress Livemesh Addons for Beaver Builder plugin <= 3.9.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in livemesh Livemesh Addons for Beaver Builder addons-for-beaver-builder allows Stored XSS.This issue affects Livemesh Addons for Beaver Builder: from n/a through = 3.9.2...

6.5CVSS0.0013EPSS
Exploits0References1
Rows per page
Query Builder