Beaver Builder

Beaver Builder

Developer

2.9.4

Latest version

100,000

Installations

Oct 6, 2025

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Vulnerability history

0 present

24 fixed

4 Mitigation rules

Reflected Cross-Site Scripting vulnerability
<= 2.9.2.1
Aug 27, 2025
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
<= 2.8.4.4
Dec 12, 2024
Cross Site Scripting (XSS) vulnerability
<= 2.8.4.3
Dec 2, 2024
Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Button Widget vulnerability
<= 2.8.4.2
Oct 29, 2024
Cross Site Scripting (XSS) vulnerability
<= 2.8.3.7
Oct 24, 2024
Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Button Group Module vulnerability
<= 2.8.3.6
Sep 27, 2024
Authenticated (Contributor+) Stored Cross-Site Scripting via type Parameter vulnerability
<= 2.8.3.5
Aug 29, 2024
Reflected Cross Site Scripting (XSS) vulnerability
<= 2.8.3.2
Aug 26, 2024
Cross Site Scripting (XSS) vulnerability
<= 2.8.2.2
Jul 4, 2024
Authenticated (Contributor+) Stored Cross-Site Scripting via photo widget crop attribute vulnerability
<= 2.8.1.2
May 10, 2024
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
<= 2.8.1.1
May 7, 2024
Authenticated (Contributor+) Stored Cross-Site Scripting via Button vulnerability
<= 2.8.0.5
Apr 2, 2024
Cross Site Scripting (XSS) vulnerability
<= 2.7.4.4
Mar 28, 2024
Authenticated(Contributor+) Stored Cross-Site Scripting via heading tag vulnerability
<= 2.7.4.4
Mar 12, 2024
Authenticated(Contributor+) Stored Cross-Site Scripting via Audio Widget vulnerability
<= 2.7.4.2
Feb 28, 2024
Authenticated (Contributor+) Stored Cross-Site Scripting via Icon Widget vulnerability
<= 2.7.4.2
Feb 21, 2024
Reflected (DOM-Based) Cross-Site Scripting vulnerability
<= 2.7.4.2
Feb 21, 2024
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
<= 2.7.4.2
Feb 21, 2024
Cross Site Scripting (XSS) vulnerability
<= 2.7.2
Dec 26, 2023
Authenticated Stored Cross-Site Scripting (XSS) vulnerability via Caption On Hover
<= 2.5.5.2
Aug 30, 2022
Authenticated Stored Cross-Site Scripting (XSS) vulnerability via caption
<= 2.5.5.2
Aug 30, 2022
Authenticated Stored Cross-Site Scripting (XSS) vulnerability via Image URL
<= 2.5.5.2
Aug 29, 2022
Authenticated Stored Cross-Site Scripting (XSS) vulnerability via Text Editor
<= 2.5.5.2
Aug 29, 2022
Broken Access Control vulnerability
<= 2.5.4.3
Jul 20, 2022