Beaver Builder – WordPress Page Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via type Parameter – CVE-2024-7895 | WordPress Plugin Vulnerability Report

Plugin Name: Beaver Builder – WordPress Page Builder

Key Information:

  • Software Type: Plugin
  • Software Slug: beaver-builder-lite-version
  • Software Status: Active
  • Software Author: justinbusa
  • Software Downloads: 10,741,953
  • Active Installs: 100,000
  • Last Updated: September 3, 2024
  • Patched Versions: 2.8.3.6
  • Affected Versions: <= 2.8.3.5

Vulnerability Details:

  • Name: Beaver Builder (Lite Version) <= 2.8.3.5
  • Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
  • CVE: CVE-2024-7895
  • CVSS Score: 6.4
  • Publicly Published: August 28, 2024
  • Researcher: zer0gh0st
  • Description: The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) via the ‘type’ parameter in all versions up to and including 2.8.3.5. Due to insufficient input sanitization and output escaping, authenticated attackers with Contributor-level access or higher can inject arbitrary web scripts. These scripts will execute whenever a user accesses the page containing the injected content, potentially compromising user data or leading to further exploitation.

Summary:

The Beaver Builder – WordPress Page Builder for WordPress has a vulnerability in versions up to and including 2.8.3.5 that allows authenticated attackers with Contributor-level permissions or higher to inject malicious scripts through the ‘type’ parameter. This Stored Cross-Site Scripting (XSS) vulnerability is caused by improper input sanitization and output escaping, leading to the execution of harmful scripts when affected pages are accessed. The vulnerability has been patched in version 2.8.3.6.

Detailed Overview:

This vulnerability was discovered by the researcher zer0gh0st and involves a Stored Cross-Site Scripting (XSS) flaw in the Beaver Builder – WordPress Page Builder plugin. The issue arises from inadequate sanitization of the ‘type’ parameter, allowing attackers with Contributor-level access to inject harmful scripts. When another user views the injected page, the scripts execute, potentially leading to data compromise or unauthorized actions.

With a CVSS score of 6.4, this vulnerability presents a moderate risk. While only authenticated users with Contributor or higher permissions can exploit this issue, it remains a significant risk for sites with multiple contributors. The vulnerability could lead to the theft of user data or enable further attacks by manipulating the compromised site.

The issue has been patched in version 2.8.3.6, and updating the plugin is the primary step to mitigate the risk.

Advice for Users:

  • Immediate Action: If you are using Beaver Builder – WordPress Page Builder, it is crucial to update to version 2.8.3.6 or later to patch this vulnerability and protect your site from potential exploitation.
  • Check for Signs of Vulnerability: To identify if your site has been compromised, check your logs for any suspicious script injections or look for unusual behavior on pages managed by Contributor-level users.
  • Alternate Plugins: If you are concerned about security risks, consider using an alternative page builder plugin that prioritizes security measures and input sanitization. However, with the vulnerability patched, Beaver Builder remains a reliable option when kept updated.
  • Stay Updated: Ensure that your plugins are updated regularly to the latest versions to avoid potential vulnerabilities. Set up automatic updates or implement a routine for monitoring plugin updates to keep your site secure.

Conclusion:

The quick response by the Beaver Builder – WordPress Page Builder development team to patch this vulnerability emphasizes the importance of timely updates. Users should update to version 2.8.3.6 or later to secure their WordPress installations against potential XSS attacks. Regular updates and proactive monitoring are critical to maintaining the security and functionality of your WordPress website.

References:

Detailed Report: 

Introduction:

Keeping your WordPress website secure is essential for protecting your business, especially if you’re relying on plugins for added functionality. Unfortunately, security vulnerabilities in outdated plugins can expose your site to attacks. One recent issue involves the widely-used Beaver Builder – WordPress Page Builder plugin, which has a vulnerability affecting versions up to and including 2.8.3.5. This flaw, classified as Stored Cross-Site Scripting (XSS), allows authenticated users with Contributor-level access or higher to inject malicious scripts into your site through the ‘type’ parameter. These scripts can be triggered when other users access affected pages, leading to potential data theft or further exploitation.

The good news is that this vulnerability has been patched in version 2.8.3.6, but if you haven’t updated your plugin yet, your website may still be vulnerable. Below, we’ll cover everything you need to know about this vulnerability, the risks it poses, and how to protect your site moving forward.

Plugin Overview:

The Beaver Builder – WordPress Page Builder plugin is a popular tool used by WordPress site owners to easily build and design pages. With over 10 million downloads and 100,000 active installations, it is trusted by many small businesses to create dynamic websites. However, like all plugins, keeping it updated is critical for security.

This vulnerability stems from the Stored Cross-Site Scripting (XSS) flaw, which affects the plugin’s handling of the ‘type’ parameter. The lack of proper input sanitization and output escaping makes it possible for authenticated users with Contributor-level permissions to inject harmful scripts. Once these scripts are injected, they can be executed by other users when viewing the affected page, potentially allowing attackers to steal data or manipulate site content.

Risks and Potential Impacts:

While the vulnerability is limited to Contributor-level users or higher, it still poses a moderate risk with a CVSS score of 6.4. Websites that allow multiple users with these permissions are particularly at risk. Malicious actors could use this vulnerability to inject harmful scripts that can compromise user data or execute further attacks. Additionally, the XSS flaw could enable unauthorized actions or expose sensitive information if exploited alongside other vulnerabilities.

Even if your website is small or only has a few users, leaving this vulnerability unpatched exposes you to unnecessary risks.

Remediation:

To protect your website from this vulnerability, follow these steps:

  1. Immediate Action: Update the Beaver Builder – WordPress Page Builder plugin to version 2.8.3.6 or later, which addresses this XSS flaw by properly sanitizing the ‘type’ parameter and escaping outputs.
  2. Check for Signs of Vulnerability: Review your website’s logs to detect any unusual activity, such as suspicious script injections. Additionally, monitor Contributor-level user activity to ensure no harmful scripts have been uploaded.
  3. Consider Alternate Plugins: If you are still concerned about security, you might explore alternative page builder plugins with a stronger focus on security. While Beaver Builder is safe when updated, alternatives like Elementor Pro or Thrive Architect may also offer the functionality you need.
  4. Stay Updated: Ensure that your WordPress plugins, including Beaver Builder, are regularly updated. Enable automatic updates or set a reminder to check for updates to avoid future vulnerabilities.

Previous Vulnerabilities:

It’s important to note that the Beaver Builder – WordPress Page Builder plugin has had 18 previous vulnerabilities reported since February 8, 2016. All these issues were addressed through timely patches, further emphasizing the need for regular updates to keep your site secure. Each of these vulnerabilities could have exposed your site to risks if left unpatched, making it essential to stay current on updates.

Conclusion:

For busy small business owners, keeping up with plugin updates can feel like a daunting task, but it’s crucial for ensuring your website remains secure. Vulnerabilities like the one found in Beaver Builder can be exploited by attackers to steal data, inject harmful scripts, or cause other damage to your site. By staying on top of security updates and monitoring your website for unusual activity, you can protect your business and your customers from potential threats.

If you don’t have the time to manage these updates yourself, consider using automatic updates or working with a security professional to monitor your website’s health. Regular updates are key to preventing vulnerabilities and ensuring your WordPress site remains safe and functional.

Staying Secure

Staying on top of WordPress security can feel overwhelming for small business owners without dedicated IT staff. At Your WP Guy, we exist to shoulder that burden for you. Our WordPress experts can fully audit, secure, maintain and support your site - so you can focus on growing your business with peace of mind.

Don't tackle security risks alone. Let us help you assess any impact from this vulnerability, update your plugins, and implement ongoing maintenance to avoid future threats. We treat your website like it's our own - because we know how critical it is for reaching your customers.

Get in touch for a free consultation today on making WordPress security stress-free. Call 678-995-5169 or book a call here. Our knowledgeable team is ready to help you safeguard your online presence.

Beaver Builder – WordPress Page Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via type Parameter – CVE-2024-7895 | WordPress Plugin Vulnerability Report FAQs

Leave a Comment