2 matches found
CVE-2022-2517
The Beaver Builder – WordPress Page Builder for WordPress is affected by a Stored Cross-Site Scripting (XSS) vulnerability in the Caption - On Hover field of images, in versions up to and including 2.5.5.2. Root cause: insufficient input sanitization and output escaping. Impact: authenticated att...
CVE-2022-2517 Beaver Builder – WordPress Page Builder <= 2.5.5.2 - Authenticated Stored Cross-Site Scripting via Caption - On Hover
The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Caption - On Hover' value associated with images in versions up to, and including, 2.5.5.2 due to insufficient input sanitization and output escaping. This makes it possible for...