Vulnerabilities > Fastlinemedia
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-06 | CVE-2022-2695 | Cross-site Scripting vulnerability in Fastlinemedia Beaver Builder The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the 'caption' parameter added to images via the media uploader in versions up to, and including, 2.5.5.2 due to insufficient input sanitization and output escaping. | 5.4 |
| 2022-09-06 | CVE-2022-2716 | Cross-site Scripting vulnerability in Fastlinemedia Beaver Builder The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Text Editor' block in versions up to, and including, 2.5.5.2 due to insufficient input sanitization and output escaping. | 5.4 |
| 2022-09-06 | CVE-2022-2934 | Cross-site Scripting vulnerability in Fastlinemedia Beaver Builder The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image URL' value found in the Media block in versions up to, and including, 2.5.5.2 due to insufficient input sanitization and output escaping. | 5.4 |
| 2022-09-06 | CVE-2022-36425 | Unspecified vulnerability in Fastlinemedia Beaver Builder Broken Access Control vulnerability in Beaver Builder plugin <= 2.5.4.3 at WordPress. | 9.8 |
| 2022-01-10 | CVE-2021-42748 | Forced Browsing vulnerability in Fastlinemedia Beaver Builder In Beaver Builder through 2.5.0.3, attackers can bypass the visibility controls protection mechanism via the REST API. | 5.3 |
| 2022-01-10 | CVE-2021-42749 | Exposure of Resource to Wrong Sphere vulnerability in Fastlinemedia Beaver Themer In Beaver Themer, attackers can bypass conditional logic controls (for hiding content) when viewing the post archives. | 5.3 |