Skip to main content

Beaver Builder EUVDEUVD-2026-22897

| CVE-2026-40744 HIGH
SQL Injection (CWE-89)
2026-04-15 Patchstack
8.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.5 HIGH
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
Low

Lifecycle Timeline

3
CVSS changed
Apr 16, 2026 - 15:22 NVD
8.5 (HIGH)
EUVD ID Assigned
Apr 15, 2026 - 10:45 euvd
EUVD-2026-22897
CVE Published
Apr 15, 2026 - 10:21 nvd
HIGH 8.5

DescriptionCVE.org

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Blind SQL Injection.This issue affects Beaver Builder: from n/a through <= 2.10.1.2.

Analysis

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Blind SQL Injection.This issue affects Beaver Builder: from n/a through <= 2.10.1.2.

CVE-2022-36425 CRITICAL
9.8 Sep 06

Broken Access Control vulnerability in Beaver Builder plugin <= 2.5.4.3 at WordPress. Rated critical severity (CVSS 9.8)

CVE-2025-4102 HIGH
7.2 Jun 20

The Beaver Builder Plugin (Starter Version) for WordPress contains an arbitrary file upload vulnerability in the 'save_e

CVE-2023-50889 MEDIUM
6.5 Dec 29

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Beaver Builder

CVE-2024-4430 MEDIUM
6.4 May 14

The Beaver Builder - WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ph

CVE-2024-1074 MEDIUM
6.4 Mar 13

The Beaver Builder - WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the au

CVE-2024-3923 MEDIUM
6.4 May 14

The Beaver Builder - WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the li

CVE-2024-2925 MEDIUM
6.4 Apr 02

The Beaver Builder - WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the pl

CVE-2024-0896 MEDIUM
6.4 Mar 13

The Beaver Builder - WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the bu

CVE-2024-0897 MEDIUM
6.4 Mar 13

The Beaver Builder - WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the im

CVE-2024-1080 MEDIUM
6.4 Mar 13

The Beaver Builder - WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the vi

CVE-2024-43926 MEDIUM
6.1 Aug 29

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Beaver

CVE-2024-1038 MEDIUM
5.4 Mar 13

The Beaver Builder - WordPress Page Builder plugin for WordPress is vulnerable to DOM-Based Reflected Cross-Site Scripti

Share

EUVD-2026-22897 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy