Reflected XSS Vulnerability in PowerPack for Beaver Builder
CVE-2024-43330
7.1HIGH
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 18 August 2024
What is CVE-2024-43330?
A security vulnerability has been identified in PowerPack for Beaver Builder, where improper neutralization of input during web page generation can lead to reflected Cross-site Scripting (XSS) attacks. This can allow attackers to execute arbitrary scripts in the context of a user's browser, potentially compromising sensitive information or delivering malicious payloads. The issue specifically affects versions of PowerPack for Beaver Builder prior to 2.37.4. It is essential for users to update to the latest version to mitigate these risks.
Affected Version(s)
PowerPack for Beaver Builder < 2.37.4