2 matches found
CVE-2024-2183
The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Heading widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-2183
The issue is a stored XSS in Beaver Builder Addons by WPZOOM for WordPress, affecting all versions up to 1.3.4. The vulnerability arises from insufficient input sanitization and output escaping in the Heading widget, allowing authenticated attackers with contributor-level access+ to inject script...