VYPR

Beaver Builder Lite Version

by WordPress

Source repositories

CVEs (3)

  • CVE-2026-40744HigApr 15, 2026
    risk 0.55cvss 8.5epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Blind SQL Injection.This issue affects Beaver Builder: from n/a through <= 2.10.1.2.

  • CVE-2025-69319HigJan 22, 2026
    risk 0.49cvss 7.5epss 0.00

    Improper Control of Generation of Code ('Code Injection') vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Code Injection.This issue affects Beaver Builder: from n/a through <= 2.9.4.1.

  • CVE-2025-12934HigDec 23, 2025
    risk 0.46cvss 8.1epss 0.00

    The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'duplicate_wpml_layout' function in all versions up to, and including, 2.9.4.1. This makes it possible for…