Cross-Site Scripting Vulnerability in Xpro Addons For Beaver Builder - Lite
CVE-2025-48232

6.5MEDIUM

What is CVE-2025-48232?

The Xpro Addons For Beaver Builder - Lite plugin is susceptible to a Cross-site Scripting (XSS) vulnerability that allows attackers to inject malicious scripts into web pages served to users. When exploited, this flaw can lead to serious security breaches, including unauthorized access and data theft. This vulnerability affects versions from n/a through 1.5.5, making it crucial for site administrators to ensure their installations are updated to mitigate potential risks.

Affected Version(s)

Xpro Addons For Beaver Builder &#8211; Lite <= 1.5.5

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Prissy (Patchstack Alliance)
.
The Cyber Security Vulnerability Database.