beaverbuilder — Vulnerabilities & Security Advisories 21

Browse all 21 CVE security advisories affecting beaverbuilder. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products beaverbuilder:Beaver Builder Page Builder – Drag and Drop Website Builder Customizer Export/Import

CVE ID	Title	CVSS	Severity	Paused
CVE-2026-2481	Beaver Builder Page Builder – Drag and Drop Website Builder <= 2.10.1.1 - Authenticated (Author+) Stored Cross-Site Scripting via 'settings[js]' — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-79	6.4	Medium	2026-04-08
CVE-2026-1231	Beaver Builder Page Builder – Drag and Drop Website Builder <= 2.10.0.5 - Authenticated (Custom+) Missing Authorization to Stored Cross-Site Scripting via Global Settings — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-79	6.4	Medium	2026-02-11
CVE-2025-12934	Beaver Builder – WordPress Page Builder <= 2.9.4.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Update — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-862	8.1	High	2025-12-23
CVE-2025-12558	Beaver Builder – WordPress Page Builder <= 2.9.4 - Authenticated (Contributor+) Sensitive Information Exposure — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-200	4.3	Medium	2025-12-09
CVE-2025-12782	Beaver Builder – WordPress Page Builder <= 2.9.4 - Missing Authorization to Authenticated (Contributor+) Builder Status Tampering — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-862	4.3	Medium	2025-12-04
CVE-2025-11726	Beaver Builder – WordPress Page Builder <= 2.9.4 - Missing Authorization to Authenticated (Contributor+) Global Preset Modification — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-862	4.3	Medium	2025-12-02
CVE-2025-8897	Beaver Builder Plugin (Lite Version) <= 2.9.2.1 - Reflected Cross-Site Scripting — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-79	6.1	Medium	2025-08-28
CVE-2024-11832	Beaver Builder – WordPress Page Builder <= 2.8.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-79	6.4	Medium	2024-12-13
CVE-2024-9505	Beaver Builder – WordPress Page Builder <= 2.8.4.2 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Button Widget — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-79	6.4	Medium	2024-10-29
CVE-2024-9049	Beaver Builder – WordPress Page Builder <= 2.8.3.6 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Button Group Module — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-79	6.4	Medium	2024-09-27
CVE-2024-7620	Customizer Export/Import <= 0.9.7 - Authenticated (Admin+) Arbitrary File Upload via Customization Settings Import — Customizer Export/ImportCWE-434	6.6	Medium	2024-09-07
CVE-2024-7895	Beaver Builder (Lite Version) <= 2.8.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via type Parameter — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-79	6.4	Medium	2024-08-29
CVE-2024-4430	Beaver Builder <= 2.8.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via photo widget crop attribute — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-79	6.4	Medium	2024-05-10
CVE-2024-3923	Beaver Builder – WordPress Page Builder <= 2.8.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-79	6.4	Medium	2024-05-09
CVE-2024-2925	Beaver Builder – WordPress Page Builder <= 2.8.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-79	6.4	Medium	2024-04-02
CVE-2024-1038	Beaver Builder – WordPress Page Builder <= 2.7.4.2 - Reflected (DOM-Based) Cross-Site Scripting — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-79	5.4	Medium	2024-03-13
CVE-2024-1080	Beaver Builder – WordPress Page Builder <= 2.7.4.4 - Authenticated(Contributor+) Stored Cross-Site Scripting via heading tag — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-79	6.4	Medium	2024-03-13
CVE-2024-1074	Beaver Builder – WordPress Page Builder <= 2.7.4.2 - Authenticated(Contributor+) Stored Cross-Site Scripting via Audio Widget — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-79	6.4	Medium	2024-03-13
CVE-2024-0896	Beaver Builder – WordPress Page Builder <= 2.7.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-79	6.4	Medium	2024-03-13
CVE-2024-0871	Beaver Builder <= 2.7.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Icon Widget — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-79	5.4	Medium	2024-03-13
CVE-2024-0897	Beaver Builder – WordPress Page Builder <= 2.7.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-79	6.4	Medium	2024-03-13

This page lists every published CVE security advisory associated with beaverbuilder. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Support Us — Your donation helps us keep running

beaverbuilder — Vulnerabilities & Security Advisories 21