CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2695 – Beaver Builder – WordPress Page Builder <= 2.5.5.2 - Authenticated Stored Cross-Site Scripting via 'caption'
https://notcve.org/view.php?id=CVE-2022-2695
The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the 'caption' parameter added to images via the media uploader in versions up to, and including, 2.5.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with access to the Beaver Builder editor and the ability to upload media files to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Beaver Builder - WordPress Page Builder para WordPress es vulnerable a un ataque de tipo Cross-Site Scripting Almacenado por medio del parámetro "caption" añadido a las imágenes por medio del cargador de medios en versiones hasta, e incluyendo, 2.5.5.2 debido a un saneo insuficiente de entrada y escape de salida. Esto hace posible a atacantes autenticados con acceso al editor Beaver Builder y la capacidad de cargar archivos multimedia inyectar scripts web arbitrarios en páginas que ejecutarán cada vez que un usuario acceda a una página inyectada. • https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2695 https://www.wpbeaverbuilder.com/change-logs • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2517 – Beaver Builder – WordPress Page Builder <= 2.5.5.2 - Authenticated Stored Cross-Site Scripting via Caption - On Hover
https://notcve.org/view.php?id=CVE-2022-2517
The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Caption - On Hover' value associated with images in versions up to, and including, 2.5.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with access to the Beaver Builder editor to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. El Beaver Builder - WordPress Page Builder para WordPress es vulnerable a un ataque de tipo Cross-Site Scripting Almacenado por medio del valor "Caption - On Hover" asociado a las imágenes en versiones hasta, e incluyendo, la 2.5.5.2 debido a la insuficiente sanitización de la entrada y escape de la salida. Esto hace posible a atacantes autenticados con acceso al editor Beaver Builder inyecten scripts web arbitrarios en las páginas que ejecutarán cada vez que un usuario acceda a una página inyectada. • https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2517 https://www.wpbeaverbuilder.com/change-logs • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-36425 – WordPress Beaver Builder plugin <= 2.5.4.3 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2022-36425
Broken Access Control vulnerability in Beaver Builder plugin <= 2.5.4.3 at WordPress. Una vulnerabilidad de Control de Acceso Roto en el plugin Beaver Builder versiones anteriores a 2.5.4.3 incluyéndola, en WordPress. The Beaver Builder plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the save_settings function in versions up to, and including, 2.5.4.3. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to disable the plugin. • https://patchstack.com/database/vulnerability/beaver-builder-lite-version/wordpress-beaver-builder-plugin-2-5-4-3-broken-access-control-vulnerability/_s_id=cve https://wordpress.org/plugins/beaver-builder-lite-version/#developers • CWE-264: Permissions, Privileges, and Access Controls CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 1CVE-2021-42748
https://notcve.org/view.php?id=CVE-2021-42748
In Beaver Builder through 2.5.0.3, attackers can bypass the visibility controls protection mechanism via the REST API. En Beaver Builder versiones hasta 2.5.0.3, los atacantes pueden omitir el mecanismo de protección de los controles de visibilidad por medio de la API REST • https://docs.wpbeaverbuilder.com/beaver-builder/developer/conditionally-hidden-content https://tekfused.com/tek/vulnerability-research/beaver-builder-vulnerabilities-visibility-conditional-logic-cve • CWE-425: Direct Request ('Forced Browsing') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2021-42749
https://notcve.org/view.php?id=CVE-2021-42749
In Beaver Themer, attackers can bypass conditional logic controls (for hiding content) when viewing the post archives. Exploitation requires that a Themer layout is applied to the archives, and that the post excerpt field is not set. En Beaver Themer, los atacantes pueden omitir los controles de lógica condicional (para ocultar el contenido) cuando son visualizados los archivos de las publicaciones. Una explotación requiere que sea aplicado un diseño de Themer a los archivos, y que el campo post excerpt no esté configurado • https://docs.wpbeaverbuilder.com/beaver-builder/developer/conditionally-hidden-content https://tekfused.com/tek/vulnerability-research/beaver-builder-vulnerabilities-visibility-conditional-logic-cve • CWE-668: Exposure of Resource to Wrong Sphere •