CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

CVE-2026-2481

The Beaver Builder Page Builder – Drag and Drop Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'settingsjs' parameter in versions up to, and including, 2.10.1.1 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.7AI score0.00012EPSS

Exploits0References1

NVD•added 2026/04/08 12:16 p.m.•1 views

CVE-2026-2481

6.4CVSS0.00012EPSS

Exploits0References2

Cvelist•added 2026/04/08 11:16 a.m.•19 views

CVE-2026-2481 Beaver Builder Page Builder – Drag and Drop Website Builder <= 2.10.1.1 - Authenticated (Author+) Stored Cross-Site Scripting via 'settings[js]'

6.4CVSS0.00012EPSS

Exploits0References2

ATTACKERKB•added 2026/04/08 11:16 a.m.•3 views

CVE-2026-2481

6.4CVSS6.1AI score0.00012EPSS

Exploits0References3

Vulnrichment•added 2026/04/08 11:16 a.m.•1 views

CVE-2026-2481 Beaver Builder Page Builder – Drag and Drop Website Builder <= 2.10.1.1 - Authenticated (Author+) Stored Cross-Site Scripting via 'settings[js]'

6.4CVSS6.1AI score0.00012EPSS

Exploits0References2

Positive Technologies•added 2026/04/08 12:0 a.m.•2 views

PT-2026-31293

Name of the Vulnerable Software and Affected Versions Beaver Builder Page Builder versions up to and including 2.10.1.1 Description The Beaver Builder Page Builder plugin for WordPress is susceptible to Stored Cross-Site Scripting through the settingsjs parameter due to inadequate input...

6.4CVSS5.8AI score0.00012EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by