Vulnerabilities > Brainstormforce > Ultimate Addons FOR Beaver Builder > 1.5.0

DATE	CVE	VULNERABILITY TITLE	RISK
2024-05-17	CVE-2023-51398	Unspecified vulnerability in Brainstormforce Ultimate Addons for Beaver Builder Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Privilege Escalation.This issue affects Ultimate Addons for Beaver Builder: from n/a through 1.35.14. network low complexity brainstormforce	8.8
2024-05-17	CVE-2023-51401	Unspecified vulnerability in Brainstormforce Ultimate Addons for Beaver Builder Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Relative Path Traversal.This issue affects Ultimate Addons for Beaver Builder: from n/a through 1.35.13. network low complexity brainstormforce	6.5
2024-03-30	CVE-2024-2140	Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Beaver Builder The Ultimate Addons for Beaver Builder – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Advanced Icons widget in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. network low complexity brainstormforce CWE-79	5.4
2024-03-30	CVE-2024-2141	Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Beaver Builder The Ultimate Addons for Beaver Builder – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Button widget in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. network low complexity brainstormforce CWE-79	5.4
2024-03-30	CVE-2024-2142	Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Beaver Builder The Ultimate Addons for Beaver Builder – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Info Table widget in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. network low complexity brainstormforce CWE-79	5.4
2024-03-30	CVE-2024-2143	Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Beaver Builder The Ultimate Addons for Beaver Builder – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Heading widget in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. network low complexity brainstormforce CWE-79	5.4
2024-03-30	CVE-2024-2144	Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Beaver Builder The Ultimate Addons for Beaver Builder – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Separator widget in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. network low complexity brainstormforce CWE-79	5.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.