Vulnerabilities > Ideabox > Powerpack FOR Beaver Builder > 1.2.9.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-17 | CVE-2024-12239 | Cross-site Scripting vulnerability in Ideabox Powerpack for Beaver Builder The PowerPack Lite for Beaver Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the navigate parameter in all versions up to, and including, 1.3.0.5 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-07-22 | CVE-2024-37409 | Cross-site Scripting vulnerability in Ideabox Powerpack for Beaver Builder Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Beaver Addons PowerPack Lite for Beaver Builder allows Stored XSS.This issue affects PowerPack Lite for Beaver Builder: from n/a through 1.3.0.4. | 5.4 |
| 2024-07-09 | CVE-2024-37410 | Path Traversal vulnerability in Ideabox Powerpack for Beaver Builder Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Beaver Addons PowerPack Lite for Beaver Builder allows Path Traversal.This issue affects PowerPack Lite for Beaver Builder: from n/a through 1.3.0.3. | 7.2 |
| 2024-04-09 | CVE-2024-2289 | Cross-site Scripting vulnerability in Ideabox Powerpack for Beaver Builder The PowerPack Lite for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the link in multiple elements in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |