Vulnerabilities > Fastlinemedia

DATE CVE VULNERABILITY TITLE RISK
2023-12-29 CVE-2023-50889 Cross-site Scripting vulnerability in Fastlinemedia Beaver Builder
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder – WordPress Page Builder allows Stored XSS.This issue affects Beaver Builder – WordPress Page Builder: from n/a through 2.7.2.
network
low complexity
fastlinemedia CWE-79
5.4
5.4
2023-10-26 CVE-2023-5798 Unspecified vulnerability in Fastlinemedia Assistant
The Assistant WordPress plugin before 1.4.4 does not validate a parameter before making a request to it via wp_remote_get(), which could allow users with a role as low as Editor to perform SSRF attacks
network
low complexity
fastlinemedia
8.8
8.8
2023-05-08 CVE-2023-1347 Unspecified vulnerability in Fastlinemedia Customizer Export/Import
The Customizer Export/Import WordPress plugin before 0.9.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present
network
low complexity
fastlinemedia
7.2
7.2
2022-09-06 CVE-2022-36425 Unspecified vulnerability in Fastlinemedia Beaver Builder
Broken Access Control vulnerability in Beaver Builder plugin <= 2.5.4.3 at WordPress.
network
low complexity
fastlinemedia
critical
 9.8
9.8
2022-01-10 CVE-2021-42748 Forced Browsing vulnerability in Fastlinemedia Beaver Builder
In Beaver Builder through 2.5.0.3, attackers can bypass the visibility controls protection mechanism via the REST API.
network
low complexity
fastlinemedia CWE-425
5.3
5.3
2022-01-10 CVE-2021-42749 Exposure of Resource to Wrong Sphere vulnerability in Fastlinemedia Beaver Themer
In Beaver Themer, attackers can bypass conditional logic controls (for hiding content) when viewing the post archives.
network
low complexity
fastlinemedia CWE-668
5.0
5.0