CVE-2025-8427 | Beaver Builder Plugin up to 2.9.2.1 on WordPress auto_play cross site scripting

Inserito da Angelo Barbosa | Ott 23, 2025 | CVE

A vulnerability categorized as problematic has been discovered in Beaver Builder Plugin up to 2.9.2.1 on WordPress. This issue affects some unknown processing. The manipulation of the argument auto_play results in cross site scripting.

This vulnerability is reported as CVE-2025-8427. The attack can be launched remotely. No exploit exists.

CVE-2025-8427 | Beaver Builder Plugin up to 2.9.2.1 on WordPress auto_play cross site scripting

Post correlati

CVE-2023-40464 | Sierra Wireless ALEOS up to 4.9.8/4.16 hard-coded key (swi-psa-2023-006)

CVE-2023-52374 | Huawei HarmonyOS/EMUI access control

CVE-2024-24808 | pyLoad up to 0.4.20 get_redirect_url (fe94451)

CVE-2024-26097 | Adobe Experience Manager up to 6.5.19 Form Field cross site scripting (apsb24-21)