beaverbuilder

Top products

The 15 most recently published vulnerabilities affecting beaverbuilder.

• CVE-2026-2481Beaver Builder Page Builder – Drag and Drop Website Builder <= 2.10.1.1 - Authenticated (Author+) Stored Cross-Site Scripting via 'settings[js]'6.4Apr 8, 2026
• CVE-2026-1231Beaver Builder Page Builder – Drag and Drop Website Builder <= 2.10.0.5 - Authenticated (Custom+) Missing Authorization to Stored Cross-Site Scripting via Global Settings6.4Feb 11, 2026
• CVE-2025-12934Beaver Builder – WordPress Page Builder <= 2.9.4.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Update8.1Dec 23, 2025
• CVE-2025-12558Beaver Builder – WordPress Page Builder <= 2.9.4 - Authenticated (Contributor+) Sensitive Information Exposure4.3Dec 9, 2025
• CVE-2025-12782Beaver Builder – WordPress Page Builder <= 2.9.4 - Missing Authorization to Authenticated (Contributor+) Builder Status Tampering4.3Dec 4, 2025
• CVE-2025-11726Beaver Builder – WordPress Page Builder <= 2.9.4 - Missing Authorization to Authenticated (Contributor+) Global Preset Modification4.3Dec 2, 2025
• CVE-2025-8897Beaver Builder Plugin (Lite Version) <= 2.9.2.1 - Reflected Cross-Site Scripting6.1Aug 28, 2025
• CVE-2024-11832Beaver Builder – WordPress Page Builder <= 2.8.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4Dec 13, 2024
• CVE-2024-9505Beaver Builder – WordPress Page Builder <= 2.8.4.2 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Button Widget6.4Oct 29, 2024
• CVE-2024-9049Beaver Builder – WordPress Page Builder <= 2.8.3.6 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Button Group Module6.4Sep 27, 2024
• CVE-2024-7620Customizer Export/Import <= 0.9.7 - Authenticated (Admin+) Arbitrary File Upload via Customization Settings Import6.6Sep 7, 2024
• CVE-2024-7895Beaver Builder (Lite Version) <= 2.8.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via type Parameter6.4Aug 29, 2024
• CVE-2024-4430Beaver Builder <= 2.8.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via photo widget crop attribute6.4May 10, 2024
• CVE-2024-3923Beaver Builder – WordPress Page Builder <= 2.8.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4May 9, 2024
• CVE-2024-2925Beaver Builder – WordPress Page Builder <= 2.8.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button6.4Apr 2, 2024