Authorization Flaw in Xpro Addons for Beaver Builder by Xpro
CVE-2026-32395

5.3MEDIUM

What is CVE-2026-32395?

A missing authorization vulnerability has been identified in the Xpro Addons For Beaver Builder – Lite plugin, which can lead to incorrectly configured access control security levels. This could allow unauthorized users to access restricted areas within the application. The issue is present in versions up to and including 1.5.6, potentially affecting the functionality and security of websites utilizing the affected plugin.

Affected Version(s)

Xpro Addons For Beaver Builder – Lite 0 <= 1.5.6

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Nabil Irawan | Patchstack Bug Bounty Program
.