Beaver Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0897 | WordPress Plugin Vulnerability Report

Plugin Name: Beaver Builder

Key Information:

  • Software Type: Plugin
  • Software Slug: beaver-builder-lite-version
  • Software Status: Active
  • Software Author: justinbusa
  • Software Downloads: 9,597,835
  • Active Installs: 100,000
  • Last Updated: February 20, 2024
  • Patched Versions: 2.7.4.3
  • Affected Versions: <= 2.7.4.2

Vulnerability Details:

  • Name: Beaver Builder – WordPress Page Builder <= 2.7.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
  • Type: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
  • CVE: CVE-2024-0897
  • CVSS Score: 6.4 (Medium)
  • Publicly Published: February 20, 2024
  • Researcher: RandomRoot
  • Description: The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image URL parameter in all versions up to, and including, 2.7.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Summary:

The Beaver Builder plugin for WordPress has an authenticated stored cross-site scripting vulnerability in versions up to and including 2.7.4.2. It allows users with the Contributor role or higher to inject malicious scripts into pages, and those scripts execute whenever the affected pages are viewed. The vulnerability has been patched in version 2.7.4.3.

Detailed Overview:

A vulnerability designated as CVE-2024-0897 was publicly disclosed on February 20th, 2024, impacting the popular WordPress page builder plugin Beaver Builder. Discovered by the security researcher RandomRoot, the vulnerability stems from insufficient sanitization of the image URL parameter, enabling authenticated users with at least contributor access to store malicious cross-site scripts (XSS) that execute whenever a viewer accesses an injected page.

While exploitation requires an authenticated account with at least contributor access, the injected script runs in the browser of anyone who views the affected page, so a successful attack could enable espionage such as session theft, or site defacement. It has been scored with a CVSS severity rating of 6.4 (Medium).

Beaver Builder patched this XSS vulnerability promptly in version 2.7.4.3 following responsible disclosure. Users of Beaver Builder are urged to update immediately.

Advice for Users:

  1. Immediate Action: Update to Beaver Builder version 2.7.4.3 or higher.
  2. Check for Signs of Vulnerability: Review pages and content created by Contributors and Authors for malicious injected scripts.
  3. Alternate Plugins: Consider alternative page builders like Elementor as a precaution.
  4. Stay Updated: Enable automatic updates for Beaver Builder and all plugins to receive important security fixes.
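Step 2 above can be made systematic. The script below is an added illustration for this report, not code from the report's sources or from the Beaver Builder plugin: it scans rendered post HTML for the traces a stored XSS of this kind leaves behind (URL attributes whose scheme is not http/https or relative, inline event-handler attributes, raw script elements) and, beside the scanner, shows the sanitize-on-input/escape-on-output rule that closes this class of bug. The sample post rows, the function names and the attribute list are assumptions; the report does not describe how the plugin stores its image URL internally, so the scanner is written to run over rendered page HTML (fetched from the front end or exported from the database).

```python
import html
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Attributes that carry URLs; a stored "image URL" that is really a script URL
# ends up in one of these, so those values are the ones worth checking.
URL_ATTRS = {"src", "href", "srcset", "data-src", "poster", "action"}
SAFE_SCHEMES = {"", "http", "https"}  # "" = relative URL


def url_scheme(value):
    """Scheme of a URL value as a browser would see it: tabs, newlines and
    other control characters are dropped first, so 'java\\tscript:' is not missed."""
    return urlsplit(re.sub(r"[\s\x00-\x1f]", "", value)).scheme.lower()


class StoredContentAuditor(HTMLParser):
    """Walks one page's HTML and records elements/attributes that need review.
    html.parser unescapes character references in attribute values, so an
    entity-encoded scheme such as &#106;avascript: is seen as plain 'javascript:'."""

    def __init__(self, post_id):
        super().__init__()
        self.post_id = post_id
        self.findings = []  # (post_id, kind, detail)

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.findings.append((self.post_id, "inline-script", "<script> element in stored content"))
        for name, value in attrs:  # attribute names arrive lower-cased
            value = value or ""
            if name.startswith("on"):
                self.findings.append((self.post_id, "event-handler", f"{tag}@{name}"))
            elif name in URL_ATTRS and url_scheme(value) not in SAFE_SCHEMES:
                self.findings.append((self.post_id, "unsafe-url-scheme", f"{tag}@{name}={value[:60]}"))


def audit_posts(posts):
    """posts: iterable of (post_id, rendered_html). Returns all findings in document order."""
    findings = []
    for post_id, markup in posts:
        auditor = StoredContentAuditor(post_id)
        auditor.feed(markup)
        auditor.close()
        findings.extend(auditor.findings)
    return findings


def render_image(url, alt):
    """Hardened output for an image module (illustrative, not the plugin's code):
    allow only web schemes and escape both values for the attribute context.
    A rejected URL is emitted as an empty src rather than passed through."""
    safe_url = url if url_scheme(url) in SAFE_SCHEMES else ""
    return f'<img src="{html.escape(safe_url, quote=True)}" alt="{html.escape(alt, quote=True)}">'


# Constructed sample rows standing in for post content pulled from the site;
# only post 101 is benign.
SAMPLE_POSTS = [
    (101, '<div><img src="https://example.test/uploads/hero.jpg" alt="Hero"></div>'),
    (102, '<div><img src="javascript:alert(1)" alt="promo"></div>'),
    (103, '<div><img src="/uploads/a.jpg" onerror="alert(1)"></div>'),
    (104, '<p>Hello</p><script>alert(1)</script>'),
]

if __name__ == "__main__":
    for post_id, kind, detail in audit_posts(SAMPLE_POSTS):
        print(f"post {post_id}: {kind}: {detail}")
    # The hardened renderer neutralises the same value that post 102 stores.
    print(render_image("javascript:alert(1)", "promo"))
```

Findings are prompts for manual review, not proof of compromise: a `data:` image in a legitimate module will also be flagged, which is the intended trade-off for an audit. In WordPress itself the equivalent of `render_image` is escaping the stored value with `esc_url()` (which drops URLs whose scheme is not in the allowed protocol list) and `esc_attr()` at output time.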

Conclusion:

The responsible disclosure and timely response by Beaver Builder to patch this vulnerability is reassuring. Users should nevertheless take care to update immediately and be vigilant about plugin security. Running up-to-date software is the best defense against threats.

References:

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/beaver-builder-lite-version

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/beaver-builder-lite-version/beaver-builder-wordpress-page-builder-2742-authenticated-contributor-stored-cross-site-scripting

Detailed Report:

Keeping your website secure requires constant vigilance - new threats emerge daily. Case in point: a serious stored cross-site scripting (XSS) vulnerability was recently disclosed impacting popular WordPress page builder Beaver Builder, underscoring the importance of timely software updates.

Beaver Builder is a widely used premium plugin that helps build WordPress pages visually. It has over 9 million downloads and powers over 100,000 sites. On February 20th, security researcher RandomRoot publicly disclosed a stored XSS vulnerability affecting Beaver Builder versions up to and including 2.7.4.2.

This vulnerability allows authenticated users with author/contributor access to inject malicious scripts into Beaver Builder pages and posts. When ordinary visitors load a compromised page, the malicious scripts execute - enabling espionage like stealing visitors' session cookies or defacing the site with unwanted content.

While Beaver Builder rapidly issued a patch in version 2.7.4.3, many users likely still run older vulnerable versions. Without updating, sites face serious risk of exploitation. Even if your particular site wasn't attacked yet, this vulnerability demonstrates how insecure plugins undermine WordPress security.

If you are a small business owner without ample security resources, a few simple steps can still help secure your website:

  • If you use Beaver Builder, update it to the latest secure version (2.7.4.3 or later)
  • Enable auto-updates for all plugins to receive important fixes
  • Use a Web Application Firewall (WAF) to block exploits
  • Vet plugins carefully before installing and favor popular maintained ones
  • Periodically scan your site for malware and signs of compromise

Staying on top of vulnerabilities like this Beaver Builder XSS flaw is challenging but critical. While not every threat necessitates immediate action, timely software updates are the most basic site hygiene practice.

Security vulnerabilities like this one demonstrate the importance of having WordPress experts regularly monitor, maintain and update your site. At Your WP Guy, we offer ongoing management to handle updates, security monitoring, backups, uptime and support so you can stop worrying and get back to growing your business.

Let us fully audit your site to check for any signs of this vulnerability or other issues. We'll immediately update any out-of-date plugins and harden your site's security. Chat with us anytime during business hours, schedule a call or call 678-995-5169 to lock down your online presence.
