2 matches found
CVE-2024-2186
CVE-2024-2186: Beaver Builder Addons by WPZOOM for WordPress is susceptible to Stored XSS via the Team Members widget in all versions
CVE-2024-2186 Beaver Builder Addons by WPZOOM <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Members Widget
The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Team Members widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...