CVE-2023-50889
WordPress Beaver Builder Plugin <= 2.7.2 is vulnerable to Cross Site Scripting (XSS)Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder – WordPress Page Builder allows Stored XSS.This issue affects Beaver Builder – WordPress Page Builder: from n/a through 2.7.2.
We have discovered 46,166 live websites that are affected by CVE-2023-50889.
Affected Software
| Product | |
| Category | Wordpress Plugins |
| Vulnerable Domains | 46,166 live websites (31.18% of Beaver Builder install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 282 versions ( 86.50% of all versions) |
Common Weakness Enumeration
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')Details
- Published - Dec 29, 2023
- Updated - Aug 2, 2024
Credits
- Rafie Muhammad (Patchstack) (finder)
CWE
CVE References
CWE References
CVE-2023-50889 usage by Country
 United States | 32,382 websites |
 Germany | 1,846 websites |
 Japan | 1,617 websites |
 GB | 1,587 websites |
 France | 1,073 websites |
 Singapore | 957 websites |
 China | 778 websites |
 Australia | 722 websites |
 Netherlands | 615 websites |
 Canada | 429 websites |
CVE-2023-50889 usage by TLD
| .com | 31,785 websites |
| .org | 2,434 websites |
| .co.uk | 1,279 websites |
| .net | 1,159 websites |
| .com.au | 1,019 websites |
| .de | 968 websites |
| .ca | 785 websites |
| .nl | 656 websites |
| .jp | 456 websites |
| .fr | 318 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2023-50889
Top websites that are affected by CVE-2023-50889. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| **************.com | United States | **,*** | |
| ****.ca | United States | **,*** | |
| **********.com | United States | **,*** | |
| **********.com | United States | **,*** | |
| **********.com | United States | **,*** | |
| ************.com | United States | **,*** | |
| *********.com | United States | **,*** | |
| ********.com | United States | ***,*** | |
| *****.com | United States | ***,*** | |
| ***********.org | United States | ***,*** |
FAQ
CVE-2023-50889 is Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Beaver Builder
A total of 46,166 websites have been identified as vulnerable to CVE-2023-50889, discovered through global website indexing conducted by WebTechSurvey.
Beaver Builder is susceptible to CVE-2023-50889 vulnerability.
Beaver Builder versions before, and including, 2.7.2 are vulnerable to CVE-2023-50889.