WordPress Plugin Vulnerabilities
Beaver Builder < 2.5.5.3 - Authenticated Stored XSS via Text Editor
Description
The plugin does not sanitise and escape the Text Editor block, which could allow users with access to the plugin's editor to perform Cross-Site Scripting attacks
Affects Plugins
References
CVE
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Zhouyuan Yang
Verified
No
WPVDB ID
Timeline
Publicly Published
2022-08-29 (about 1 years ago)
Added
2022-08-30 (about 1 years ago)
Last Updated
2022-08-30 (about 1 years ago)