| CVE-2024-11832 | Beaver Builder – WordPress Page Builder <= 2.8.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | beaverbuilder | Beaver Builder Page Builder – Drag and Drop Website Builder | Medium | 6.4 | 2024-12-13 08:24:48 | Deep Dive |
| CVE-2024-53797 | WordPress Beaver Builder plugin <= 2.8.4.3 - Cross Site Scripting (XSS) vulnerability | Beaver Builder | Beaver Builder | Medium | 6.5 | 2024-12-06 13:07:35 | Deep Dive |
| CVE-2024-30424 | WordPress Beaver Builder Addons by WPZOOM plugin <= 1.3.4 - Cross Site Scripting (XSS) vulnerability | WPZOOM | Beaver Builder Addons by WPZOOM | Medium | 6.5 | 2024-11-19 22:01:00 | Deep Dive |
| CVE-2024-50430 | WordPress Beaver Builder plugin <= 2.8.3.7 - Cross Site Scripting (XSS) vulnerability | Beaver Builder | Beaver Builder | Medium | 5.9 | 2024-11-19 18:39:05 | Deep Dive |
| CVE-2024-51585 | WordPress Sales Page Addon plugin <= 1.4.5 - Stored Cross Site Scripting (XSS) vulnerability | nicheaddons | Sales Page Addon – Elementor & Beaver Builder | Medium | 6.5 | 2024-11-09 14:59:25 | Deep Dive |
| CVE-2024-9505 | Beaver Builder – WordPress Page Builder <= 2.8.4.2 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Button Widget | beaverbuilder | Beaver Builder Page Builder – Drag and Drop Website Builder | Medium | 6.4 | 2024-10-29 13:53:56 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-9049 | Beaver Builder – WordPress Page Builder <= 2.8.3.6 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Button Group Module | beaverbuilder | Beaver Builder Page Builder – Drag and Drop Website Builder | Medium | 6.4 | 2024-09-27 06:53:58 | Deep Dive |
| CVE-2024-9069 | Graphicsly – The ultimate graphics plugin for WordPress website builder ( Gutenberg, Elementor, Beaver Builder, WPBakery ) <= 1.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | besnikac | Graphicsly – The ultimate graphics plugin for WordPress website builder ( Gutenberg, Elementor, Beaver Builder, WPBakery ) | Medium | 6.4 | 2024-09-25 02:05:07 | Deep Dive |
| CVE-2024-43926 | WordPress Beaver Builder plugin <= 2.8.3.2 - Reflected Cross Site Scripting (XSS) vulnerability | The Beaver Builder Team | Beaver Builder | High | 7.1 | 2024-08-29 18:10:31 | Deep Dive |
| CVE-2024-7895 | Beaver Builder (Lite Version) <= 2.8.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via type Parameter | beaverbuilder | Beaver Builder Page Builder – Drag and Drop Website Builder | Medium | 6.4 | 2024-08-29 10:59:42 | Deep Dive |
| CVE-2024-43330 | WordPress PowerPack for Beaver Builder plugin < 2.37.4 - Reflected Cross Site Scripting (XSS) vulnerability | IdeaBox Creations | PowerPack for Beaver Builder | High | 7.1 | 2024-08-18 13:41:36 | Deep Dive |
| CVE-2024-43151 | WordPress Ultimate Addons for Beaver Builder – Lite plugin <= 1.5.9 - Cross Site Scripting (XSS) vulnerability | Brainstorm Force | Ultimate Addons for Beaver Builder – Lite | Medium | 6.5 | 2024-08-12 22:11:07 | Deep Dive |
| CVE-2024-39633 | WordPress PowerPack for Beaver Builder plugin <= 2.33.0 - Contributor+ Privilege Escalation vulnerability | IdeaBox | PowerPack for Beaver Builder | High | 8.8 | 2024-08-01 20:34:56 | Deep Dive |
| CVE-2024-37244 | WordPress Ninja Beaver Add-ons for Beaver Builder plugin <= 2.4.5 - Cross Site Scripting (XSS) vulnerability | Ninja Team | Ninja Beaver Add-ons for Beaver Builder | Medium | 6.5 | 2024-07-22 09:13:18 | Deep Dive |
| CVE-2024-37278 | WordPress Cards for Beaver Builder plugin <= 1.1.4 - Cross Site Scripting (XSS) vulnerability | Pratik Chaskar | Cards for Beaver Builder | Medium | 5.9 | 2024-07-22 08:41:29 | Deep Dive |
| CVE-2024-37409 | WordPress PowerPack Lite for Beaver Builder plugin <= 1.3.0.4 - Cross Site Scripting (XSS) vulnerability | IdeaBox Creations | PowerPack Lite for Beaver Builder | Medium | 5.9 | 2024-07-22 08:40:40 | Deep Dive |
| CVE-2024-38784 | WordPress Livemesh Addons for Beaver Builder plugin <= 3.6.1 - Cross Site Scripting (XSS) vulnerability | Livemesh | Livemesh Addons for Beaver Builder | Medium | 5.9 | 2024-07-21 21:11:55 | Deep Dive |
| CVE-2024-37500 | WordPress Beaver Builder plugin <= 2.8.2.2 - Cross Site Scripting (XSS) vulnerability | The Beaver Builder Team | Beaver Builder | Medium | 6.5 | 2024-07-21 07:24:24 | Deep Dive |
| CVE-2024-37919 | WordPress Timeline Module for Beaver Builder plugin <= 1.1.3 - Cross Site Scripting (XSS) vulnerability | Pratik Chaskar | Timeline Module for Beaver Builder | Medium | 5.9 | 2024-07-20 09:00:30 | Deep Dive |