Vulnerabilities > Fastlinemedia

DATE CVE VULNERABILITY TITLE RISK
2024-10-29 CVE-2024-9505 Cross-site Scripting vulnerability in Fastlinemedia Beaver Builder
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button widget in all versions up to, and including, 2.8.4.2 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
fastlinemedia CWE-79
5.4
2024-09-27 CVE-2024-9049 Cross-site Scripting vulnerability in Fastlinemedia Beaver Builder
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button Group module in all versions up to, and including, 2.8.3.6 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
fastlinemedia CWE-79
5.4
2023-12-29 CVE-2023-50889 Unspecified vulnerability in Fastlinemedia Beaver Builder
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder – WordPress Page Builder allows Stored XSS.This issue affects Beaver Builder – WordPress Page Builder: from n/a through 2.7.2.
network
low complexity
fastlinemedia
5.4
2023-10-26 CVE-2023-5798 Unspecified vulnerability in Fastlinemedia Assistant
The Assistant WordPress plugin before 1.4.4 does not validate a parameter before making a request to it via wp_remote_get(), which could allow users with a role as low as Editor to perform SSRF attacks
network
low complexity
fastlinemedia
8.8
2023-05-08 CVE-2023-1347 Unspecified vulnerability in Fastlinemedia Customizer Export/Import
The Customizer Export/Import WordPress plugin before 0.9.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present
network
low complexity
fastlinemedia
7.2
2022-09-06 CVE-2022-2517 Cross-site Scripting vulnerability in Fastlinemedia Beaver Builder
The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Caption - On Hover' value associated with images in versions up to, and including, 2.5.5.2 due to insufficient input sanitization and output escaping.
network
low complexity
fastlinemedia CWE-79
5.4
2022-09-06 CVE-2022-2695 Cross-site Scripting vulnerability in Fastlinemedia Beaver Builder
The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the 'caption' parameter added to images via the media uploader in versions up to, and including, 2.5.5.2 due to insufficient input sanitization and output escaping.
network
low complexity
fastlinemedia CWE-79
5.4
2022-09-06 CVE-2022-2716 Cross-site Scripting vulnerability in Fastlinemedia Beaver Builder
The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Text Editor' block in versions up to, and including, 2.5.5.2 due to insufficient input sanitization and output escaping.
network
low complexity
fastlinemedia CWE-79
5.4
2022-09-06 CVE-2022-2934 Cross-site Scripting vulnerability in Fastlinemedia Beaver Builder
The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image URL' value found in the Media block in versions up to, and including, 2.5.5.2 due to insufficient input sanitization and output escaping.
network
low complexity
fastlinemedia CWE-79
5.4
2022-09-06 CVE-2022-36425 Unspecified vulnerability in Fastlinemedia Beaver Builder
Broken Access Control vulnerability in Beaver Builder plugin <= 2.5.4.3 at WordPress.
network
low complexity
fastlinemedia
critical
9.8