Lucene search
K
WpzoomBeaver Builder Addons

7 matches found

CVE
CVE
added 2024/04/09 6:59 p.m.71 views

CVE-2024-2183

The issue is a stored XSS in Beaver Builder Addons by WPZOOM for WordPress, affecting all versions up to 1.3.4. The vulnerability arises from insufficient input sanitization and output escaping in the Heading widget, allowing authenticated attackers with contributor-level access+ to inject script...

6.4CVSS7.6AI score0.00423EPSS
CVE
CVE
added 2024/04/09 6:58 p.m.71 views

CVE-2024-2186

CVE-2024-2186: Beaver Builder Addons by WPZOOM for WordPress is susceptible to Stored XSS via the Team Members widget in all versions

6.4CVSS7.6AI score0.00423EPSS
CVE
CVE
added 2024/04/09 6:58 p.m.70 views

CVE-2024-2181

The CVE refers to Beaver Builder Addons by WPZOOM (WordPress) with a Stored Cross-Site Scripting vulnerability in the Button widget, affecting all versions up to 1.3.4. Exploitation requires authenticated access at contributor level or higher, enabling an attacker to inject scripts that execute w...

6.4CVSS7.6AI score0.00423EPSS
CVE
CVE
added 2024/04/09 6:58 p.m.70 views

CVE-2024-2187

CVE-2024-2187 : The Beaver Builder Addons by WPZOOM for WordPress is exposed to Stored Cross-Site Scripting via the Testimonials widget in all versions up to and including 1.3.4. The root cause is insufficient input sanitization and output escaping, enabling authenticated attackers with contribut...

6.4CVSS7.6AI score0.00423EPSS
CVE
CVE
added 2024/04/09 6:58 p.m.65 views

CVE-2024-2185

CVE-2024-2185 concerns Beaver Builder Addons by WPZOOM for WordPress. Connected sources confirm a Stored XSS via the Image Box widget affecting versions up to 1.3.4 due to insufficient input sanitization/output escaping. Exploitation is reported to require at least Contributor+ authentication; th...

6.4CVSS7.6AI score0.00423EPSS
CVE
CVE
added 2024/11/19 10:0 p.m.63 views

CVE-2024-30424

CVE-2024-30424 corresponds to a Stored XSS in the WPZOOM Beaver Builder Addons for WordPress, affecting versions up to 1.3.4. The Red Hat/NVD entries and multiple sources consistently identify the root cause as insufficient input sanitization and output escaping in the Heading widget, enabling au...

6.5CVSS5.9AI score0.00218EPSS
CVE
CVE
added 2024/07/09 11:45 a.m.57 views

CVE-2024-37464

CVE-2024-37464 corresponds to an authenticated Local File Inclusion (path traversal) in Beaver Builder Addons by WPZOOM. Public sources in Connected Documents report that affected software is Beaver Builder Addons by WPZOOM, with versions from n/a through 1.3.5, and that the issue enables local f...

4.9CVSS5.5AI score0.00864EPSS