Lucene search
WpvulndbWPVDB-ID:91FEDB20-D5C4-4D5B-A1D9-F0CFD1C272A3HistoryAug 30, 2022 - 12:00 a.m.
Beaver Builder < 2.5.5.3 - Authenticated Stored XSS via Caption
2022-08-3000:00:00
wpscan.com
9
beaver builder
authenticated
stored xss
caption
media uploader
cross-site scripting
EPSS
0.001
Percentile
22.7%
The plugin does not sanitise and escape the caption parameter added to images via the media uploader, which could allow users with access to the pluginβs editor to perform Cross-Site Scripting attacks
Related
cvelist
cvelist
prion
prion
Cross site scripting
2022-09-06 18:15:00
cve
cve
CVE-2022-2695
2022-09-06 18:15:14
patchstack
patchstack
nvd
nvd
CVE-2022-2695
2022-09-06 18:15:14