Lucene search
+L

90 matches found

cnnvd
cnnvd
added 2024/12/13 12:0 a.m.3 views

WordPress plugin Beaver Builder – WordPress Page Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Beaver...

6.4CVSS7.5AI score0.00236EPSS
Exploits0References2
nvd
nvd
added 2024/12/06 2:15 p.m.24 views

CVE-2024-54213

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zionbuilder ZionBuilder zionbuilder allows Stored XSS.This issue affects ZionBuilder: from n/a through = 3.6.16...

6.5CVSS0.00243EPSS
Exploits0References1
cvelist
cvelist
added 2024/12/06 1:7 p.m.28 views

CVE-2024-54213 WordPress WordPress Page Builder – Zion Builder plugin <= 3.6.16 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zionbuilder ZionBuilder zionbuilder allows Stored XSS.This issue affects ZionBuilder: from n/a through = 3.6.16...

6.5CVSS0.00243EPSS
Exploits0References1
cve
cve
added 2024/12/06 1:7 p.m.49 views

CVE-2024-54213

CVE-2024-54213 refers to a Stored XSS vulnerability in the WordPress Page Builder plugin Zion Builder ( Zion Builder ) for WordPress. The issue arises from improper input neutralization during web page generation, enabling stored cross-site scripting. Affected versions are Zion Builder from n/a u...

6.5CVSS7.2AI score0.00243EPSS
Exploits0References1
patchstack
patchstack
added 2024/11/20 12:0 a.m.11 views

WordPress Page Parts Plugin <= 1.4.3 is vulnerable to Cross Site Scripting (XSS)

Software Page Parts Type Plugin Vulnerable versions = 1.4.3 Fixed in 1.4.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11360 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6c5273fd367a Credits vgo0 Required privileg...

6.1CVSS6AI score0.00735EPSS
Exploits0References3Affected Software1
nvd
nvd
added 2024/10/29 2:15 p.m.30 views

CVE-2024-9505

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button widget in all versions up to, and including, 2.8.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

6.4CVSS0.0032EPSS
Exploits0References4
cnnvd
cnnvd
added 2024/09/27 12:0 a.m.3 views

WordPress plugin Beaver Builder – WordPress Page Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Beaver...

6.4CVSS5.7AI score0.00312EPSS
Exploits0References3
patchstack
patchstack
added 2024/06/18 12:0 a.m.10 views

WordPress Page Builder: Live Composer Plugin <= 1.5.50 is vulnerable to Cross Site Scripting (XSS)

Software Page Builder: Live Composer Type Plugin Vulnerable versions = 1.5.50 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35768 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID b331f6102ccd Credits savphill Required privilege...

5.9CVSS6.6AI score0.00318EPSS
Exploits0References2Affected Software1
patchstack
patchstack
added 2024/05/21 12:0 a.m.13 views

WordPress Page Builder by SiteOrigin Plugin <= 2.29.15 is vulnerable to Cross Site Scripting (XSS)

Software Page Builder by SiteOrigin Type Plugin Vulnerable versions = 2.29.15 Fixed in 2.29.16 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4361 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0f447bc1bf9e Credits...

6.4CVSS5.8AI score0.00357EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2024/05/10 9:32 p.m.26 views

CVE-2024-4430 Beaver Builder <= 2.8.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via photo widget crop attribute

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the photo widget crop attribute in all versions up to, and including, 2.8.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS6AI score0.00486EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2024/05/09 8:3 p.m.9 views

CVE-2024-3923 Beaver Builder – WordPress Page Builder <= 2.8.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the linktarget parameter in all versions up to, and including, 2.8.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS5.8AI score0.00419EPSS
Exploits0References3
patchstack
patchstack
added 2024/04/23 12:0 a.m.12 views

WordPress Page Builder: Live Composer Plugin <= 1.5.38 is vulnerable to Broken Access Control

Software Page Builder: Live Composer Type Plugin Vulnerable versions = 1.5.38 Fixed in 1.5.39 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32957 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 6edbbb14734c Credits savphill Requir...

4.7CVSS6.9AI score0.00379EPSS
Exploits0References2Affected Software1
patchstack
patchstack
added 2024/04/10 12:0 a.m.11 views

WordPress Page Builder: Live Composer Plugin <= 1.5.35 is vulnerable to Cross Site Request Forgery (CSRF)

Software Page Builder: Live Composer Type Plugin Vulnerable versions = 1.5.35 Fixed in 1.5.36 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31933 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID c287b96c4dbe Credits Brand...

5.4CVSS6.6AI score0.00197EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2024/03/29 5:15 p.m.11 views

CVE-2024-30444

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zionbuilder.Io WordPress Page Builder – Zion Builder allows Stored XSS.This issue affects WordPress Page Builder – Zion Builder: from n/a through 3.6.9...

5.9CVSS5.7AI score0.00359EPSS
Exploits0References1
cve
cve
added 2024/03/29 4:59 p.m.66 views

CVE-2024-30444

CVE-2024-30444 describes a stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Zion Builder (zionbuilder.io). According to the Red Hat entry, the issue is caused by improper neutralization of input during web page generation, enabling stored XSS. The vulnerability affects Zion...

5.9CVSS8.6AI score0.00359EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/03/29 12:0 a.m.6 views

WordPress Plugin WordPress Page Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin WordPress Page...

5.9CVSS7.3AI score0.00359EPSS
Exploits0References2
patchstack
patchstack
added 2024/03/28 12:0 a.m.10 views

WordPress WordPress Page Builder – Zion Builder Plugin <= 3.6.9 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Page Builder – Zion Builder Type Plugin Vulnerable versions = 3.6.9 Fixed in 3.6.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30444 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID b53fed734ad9 Credits savphill Requir...

5.9CVSS6.6AI score0.00359EPSS
Exploits0References2Affected Software1
patchstack
patchstack
added 2024/03/25 12:0 a.m.11 views

WordPress Page Builder by SiteOrigin Plugin <= 2.29.6 is vulnerable to Cross Site Scripting (XSS)

Software Page Builder by SiteOrigin Type Plugin Vulnerable versions = 2.29.6 Fixed in 2.29.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2202 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 92274a8f9656 Credits Webbernaut...

6.4CVSS5.8AI score0.0043EPSS
Exploits0References3Affected Software1
nvd
nvd
added 2024/03/13 4:15 p.m.20 views

CVE-2024-1080

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the via the heading tag in all versions up to, and including, 2.7.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS5.7AI score0.00409EPSS
Exploits0References2
nvd
nvd
added 2024/03/13 4:15 p.m.26 views

CVE-2024-0897

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image URL parameter in all versions up to, and including, 2.7.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS5.8AI score0.00406EPSS
Exploits0References2
Rows per page
Query Builder