The vulnerability of the Beaver Builder plugin of the WordPress content management system, related to the lack of protective measures for website structures, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the Beaver Builder plugin of the WordPress content management system exists due to the lack of protection for website structures when images with the “Caption – On Hover” property are used. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting...

Beaver Builder < 2.5.5.3 - Authenticated Stored XSS via Caption On Hover

The plugin does not sanitise and escape the Caption On Hover field of images, which could allow users with access to the plugin's editor to perform Cross-Site Scripting attacks...

PT-2020-6782 · Unknown · Beaver Builder

Name of the Vulnerable Software and Affected Versions: Beaver Builder versions up to, and including, 2.5.5.2 Description: The issue arises from insufficient input sanitization and output escaping in the 'Caption - On Hover' value associated with images. This allows authenticated attackers with...