Beaver Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via photo widget crop attribute – CVE-2024-4430 | WordPress Plugin Vulnerability Report
Plugin Name: Beaver Builder
Key Information:
- Software Type: Plugin
- Software Slug: beaver-builder-lite-version
- Software Status: Active
- Software Author: justinbusa
- Software Downloads: 10,167,049
- Active Installs: 100,000
- Last Updated: May 10, 2024
- Patched Versions: 2.8.1.3
- Affected Versions: <= 2.8.1.2
Vulnerability Details:
- Name: Beaver Builder <= 2.8.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via photo widget crop attribute
- Type: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
- CVE: CVE-2024-4430
- CVSS Score: 6.4 (Medium)
- Publicly Published: May 10, 2024
- Researcher: Thanh Nam Tran
- Description: The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the photo widget crop attribute in all versions up to, and including, 2.8.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Summary:
The Beaver Builder plugin for WordPress has a vulnerability in versions up to and including 2.8.1.2 that allows authenticated attackers with contributor access or higher to inject arbitrary web scripts via the photo widget crop attribute. This vulnerability has been patched in version 2.8.1.3.
Detailed Overview:
Thanh Nam Tran discovered a stored cross-site scripting (XSS) vulnerability in the Beaver Builder plugin for WordPress. The vulnerability exists in the photo widget crop attribute and is caused by insufficient input sanitization and output escaping. This allows authenticated attackers with contributor access or higher to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability has been patched in version 2.8.1.3.
Advice for Users:
- Immediate Action: Update the Beaver Builder plugin to version 2.8.1.3 or later to ensure protection against this vulnerability.
- Check for Signs of Vulnerability: Review your website's pages, especially those with photo widgets, for any suspicious scripts or unexpected behavior.
- Alternate Plugins: While a patch is available, users might still consider plugins that offer similar functionality as a precaution.
- Stay Updated: Always ensure that your plugins are updated to the latest versions to avoid vulnerabilities.
The prompt response from the Beaver Builder developers to patch this vulnerability underscores the importance of timely updates. Users are advised to ensure that they are running version 2.8.1.3 or later to secure their WordPress installations.
References:
https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/beaver-builder-lite-version
Detailed Report:
In the ever-evolving world of website security, staying vigilant and keeping your site up to date is of utmost importance. The recent discovery of a vulnerability in the popular Beaver Builder plugin for WordPress underscores this critical need. As a website owner, it's essential to understand the potential risks associated with outdated software and take proactive steps to ensure the safety and integrity of your site.
About Beaver Builder
Beaver Builder is a popular WordPress page builder plugin that allows users to create custom page layouts easily. The plugin has been downloaded over 10 million times and has an active installation base of 100,000 websites. Beaver Builder was last updated on May 10, 2024.
The Vulnerability
The Beaver Builder vulnerability, identified as CVE-2024-4430, is a stored cross-site scripting (XSS) vulnerability discovered by researcher Thanh Nam Tran. The vulnerability exists in the photo widget crop attribute and is caused by insufficient input sanitization and output escaping. This allows authenticated attackers with contributor access or higher to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability affects all versions of Beaver Builder up to and including 2.8.1.2.
Risks and Potential Impact
Cross-site scripting vulnerabilities can lead to a range of serious consequences. Attackers can use XSS to deface your website, steal sensitive user information, or even distribute malware to your site's visitors. This can result in a loss of trust from your users, damage to your brand's reputation, and potential financial losses.
Remediating the Vulnerability
To protect your website from this vulnerability, it is crucial to update the Beaver Builder plugin to version 2.8.1.3 or later. If you are unsure about the update process or need assistance, consider reaching out to a professional WordPress developer or security expert.
In addition to updating the plugin, it's essential to:
- Review your website's pages, especially those with photo widgets, for any suspicious scripts or unexpected behavior.
- Consider using alternate plugins that offer similar functionality as a precaution.
- Ensure that all your WordPress plugins, themes, and core software are always updated to the latest versions to avoid vulnerabilities.
Previous Vulnerabilities
It's worth noting that Beaver Builder has had 15 previously reported vulnerabilities since February 2016. This highlights the importance of staying informed about the plugins you use and regularly monitoring for any security updates or patches.
The Importance of Staying Updated
As a small business owner, it can be challenging to find the time to stay on top of website security. However, the consequences of neglecting these updates can be severe. Regularly updating your WordPress site and its components is one of the most effective ways to protect your website from potential threats.
Consider setting aside dedicated time each month to review and update your website's plugins, themes, and core software. Alternatively, you may want to partner with a trusted WordPress maintenance and security service provider who can handle these updates on your behalf, giving you peace of mind and allowing you to focus on running your business.
Don't tackle WordPress security alone - the consequences of a breach are too great. At Your WP Guy, our managed WordPress maintenance services include layers of protection like auto-updates, malware scanning, firewalls and 24/7 monitoring by WordPress experts. We become your outsourced IT team.
Let's chat about migrating your site to our managed hosting so you can finally stop worrying about security issues. We'll fully audit and lock down your site as part of onboarding. Call us at 678-995-5169 to keep your business safe online.