← Back

Ultimate Addons For Beaver Builder

ultimate_addons_for_beaver_builder

Vendor: Brainstormforce • 9 CVEs

CVEs (9)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-43151
1Brainstormforce
1Ultimate Addons For Beaver Builder
May 27, 2025
Aug 12, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder – Lite allows Stored XSS.This issue affects Ultimate Addons...Show more
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder – Lite allows Stored XSS.This issue affects Ultimate Addons for Beaver Builder – Lite: from n/a through 1.5.9.Show less
CVE-2023-51401
1Brainstormforce
1Ultimate Addons For Beaver Builder
May 13, 2025
May 17, 2024
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Relative Path Traversal.This issue affects Ultimate Addons for Be...Show more
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Relative Path Traversal.This issue affects Ultimate Addons for Beaver Builder: from n/a through 1.35.13.Show less
CVE-2023-51398
1Brainstormforce
1Ultimate Addons For Beaver Builder
May 13, 2025
May 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Privilege Escalation.This issue affects Ultimate Addons for Beaver Builder: from n/a through 1.35.14.
CVE-2024-2144
1Brainstormforce
1Ultimate Addons For Beaver Builder
Apr 8, 2026
Mar 30, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
The Ultimate Addons for Beaver Builder – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Separator widget in all versions up to, and including, 1.5.7 due to insufficient input sanitiz...Show more
The Ultimate Addons for Beaver Builder – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Separator widget in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.Show less
CVE-2024-2143
1Brainstormforce
1Ultimate Addons For Beaver Builder
Apr 8, 2026
Mar 30, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
The Ultimate Addons for Beaver Builder – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Heading widget in all versions up to, and including, 1.5.7 due to insufficient input sanitization an...Show more
The Ultimate Addons for Beaver Builder – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Heading widget in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.Show less
CVE-2024-2142
1Brainstormforce
1Ultimate Addons For Beaver Builder
Apr 8, 2026
Mar 30, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
The Ultimate Addons for Beaver Builder – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Info Table widget in all versions up to, and including, 1.5.7 due to insufficient input sanitization...Show more
The Ultimate Addons for Beaver Builder – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Info Table widget in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.Show less
CVE-2024-2141
1Brainstormforce
1Ultimate Addons For Beaver Builder
Apr 8, 2026
Mar 30, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
The Ultimate Addons for Beaver Builder – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Button widget in all versions up to, and including, 1.5.7 due to insufficient input sanitization and...Show more
The Ultimate Addons for Beaver Builder – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Button widget in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.Show less
CVE-2024-2140
1Brainstormforce
1Ultimate Addons For Beaver Builder
Apr 8, 2026
Mar 30, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
The Ultimate Addons for Beaver Builder – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Advanced Icons widget in all versions up to, and including, 1.5.7 due to insufficient input sanitiza...Show more
The Ultimate Addons for Beaver Builder – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Advanced Icons widget in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.Show less
CVE-2023-23882
1Brainstormforce
1Ultimate Addons For Beaver Builder
Apr 28, 2026
Jan 17, 2024
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Missing Authorization vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder – Lite.This issue affects Ultimate Addons for Beaver Builder – Lite: from n/a through 1.5.5.