CVE-2022-0176

CVE-2022-0176: PowerPack Lite for Beaver Builder < 1.2.9.3 - Reflected Cross-Site Scripting

Vendor Unknown
Product PowerPack Lite for Beaver Builder
Weakness CWE-79 · XSS
Published February 14, 2022
Last update August 2, 2024
View on NVD All CVEs

CVSS base score

What the vulnerability does

01Description

The PowerPack Lite for Beaver Builder WordPress plugin before 1.2.9.3 does not sanitise and escape the tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting

Key dates

02Disclosure timeline

February 14, 2022 CVE published
August 2, 2024 Record updated