2 matches found
CVE-2022-0176
The PowerPack Lite for Beaver Builder WordPress plugin before 1.2.9.3 does not sanitise and escape the tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-0176
PowerPack Lite for Beaver Builder WordPress plugin (versions before 1.2.9.3) is affected by a reflected Cross‑Site Scripting (XSS) due to failure to sanitize and escape the tab parameter before outputting it on an admin page. Root cause: improper handling of the tab parameter leads to injected Ja...