Vulnerabilities > Ideabox > Powerpack FOR Beaver Builder > 1.3.0.1

DATE CVE VULNERABILITY TITLE RISK
2024-12-17 CVE-2024-12239 Cross-site Scripting vulnerability in Ideabox Powerpack for Beaver Builder
The PowerPack Lite for Beaver Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the navigate parameter in all versions up to, and including, 1.3.0.5 due to insufficient input sanitization and output escaping.
network
low complexity
ideabox CWE-79
6.1
6.1
2024-08-18 CVE-2024-43330 Cross-site Scripting vulnerability in Ideabox Powerpack for Beaver Builder
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in IdeaBox Creations PowerPack for Beaver Builder allows Reflected XSS.This issue affects PowerPack for Beaver Builder: from n/a before 2.37.4.
network
low complexity
ideabox CWE-79
6.1
6.1
2024-07-22 CVE-2024-37409 Cross-site Scripting vulnerability in Ideabox Powerpack for Beaver Builder
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Beaver Addons PowerPack Lite for Beaver Builder allows Stored XSS.This issue affects PowerPack Lite for Beaver Builder: from n/a through 1.3.0.4.
network
low complexity
ideabox CWE-79
5.4
5.4
2024-07-09 CVE-2024-37410 Path Traversal vulnerability in Ideabox Powerpack for Beaver Builder
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Beaver Addons PowerPack Lite for Beaver Builder allows Path Traversal.This issue affects PowerPack Lite for Beaver Builder: from n/a through 1.3.0.3.
network
low complexity
ideabox CWE-22
7.2
7.2