2 matches found
CVE-2024-1038
The CVE-2024-1038 entry concerns Beaver Builder – WordPress Page Builder for WordPress with a DOM-Based Reflected Cross-Site Scripting vulnerability. Affected versions are up to 2.7.4.2, due to insufficient input sanitization and output escaping in the playground.wordpress.net parameter, enabling...
CVE-2024-1038 Beaver Builder – WordPress Page Builder <= 2.7.4.2 - Reflected (DOM-Based) Cross-Site Scripting
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to DOM-Based Reflected Cross-Site Scripting via a 'playground.wordpress.net' parameter in all versions up to, and including, 2.7.4.2 due to insufficient input sanitization and output escaping. This makes it possible fo...