Vulnerabilities > Brainstormforce > Cards FOR Beaver Builder > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-22 | CVE-2024-37278 | Unspecified vulnerability in Brainstormforce Cards for Beaver Builder Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pratik Chaskar Cards for Beaver Builder.This issue affects Cards for Beaver Builder: from n/a through 1.1.4. | 5.4 |
| 2024-04-09 | CVE-2024-2305 | Cross-site Scripting vulnerability in Brainstormforce Cards for Beaver Builder The Cards for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the BootstrapCard link in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |