cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-12239,https://securityvulnerability.io/vulnerability/CVE-2024-12239,Reflected Cross-Site Scripting Vulnerability in PowerPack Lite for Beaver Builder Plugin,"The PowerPack Lite for Beaver Builder plugin for WordPress contains a critical vulnerability that allows for reflected cross-site scripting (XSS). This flaw, affecting all versions up to and including 1.3.0.5, is due to inadequate input sanitization and output escaping on the navigate parameter. Unauthenticated attackers can exploit this vulnerability by tricking an administrative user into executing a malicious script, potentially compromising the integrity of their web pages. It is crucial for administrators to understand this risk and apply any necessary updates or security measures to mitigate potential attacks.",Wordpress,Powerpack Lite For Beaver Builder,6.1,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,2024-12-17T01:45:15.497Z,0
CVE-2024-2289,https://securityvulnerability.io/vulnerability/CVE-2024-2289,Stored Cross-Site Scripting Vulnerability in PowerPack Lite for Beaver Builder Plugin,"The PowerPack Lite for Beaver Builder plugin for WordPress is susceptible to a Stored Cross-Site Scripting vulnerability, resulting from inadequate input sanitization and output escaping on user-supplied attributes. This flaw affects all versions up to and including 1.3.0 and enables attackers with contributor-level permissions or higher to inject arbitrary web scripts into pages. Consequently, these scripts may execute when users visit compromised pages, potentially compromising user data and site integrity.",Wordpress,Powerpack Lite For Beaver Builder,6.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-04-09T18:59:10.873Z,0
CVE-2022-0176,https://securityvulnerability.io/vulnerability/CVE-2022-0176,PowerPack Lite for Beaver Builder < 1.2.9.3 - Reflected Cross-Site Scripting,"The PowerPack Lite for Beaver Builder WordPress plugin before 1.2.9.3 does not sanitise and escape the tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting",Wordpress,Powerpack Lite For Beaver Builder,6.1,MEDIUM,0.0007399999885819852,false,,false,false,false,,false,false,2022-02-14T09:20:56.000Z,0