Beaver Builder < 2.5.4.4 – Subscriber+ Arbitrary Post Builder Layout Disabling | CVE 2022-36425

Description

The plugin does not have authorisation and CSRF checks in the fl_builder_disable AJAX action, which could allow any authenticated users, such as subscriber to disable the builder layout of arbitrary posts

Note: The original advisory mentions the issue has been fixed, however only a CSRF check has been added, proper authorisation is still missing.

Affects Plugins

beaver-builder-lite-version

Fixed in 2.5.4.4

References

CVE

CVE-2022-36425

Classification

Type

NO AUTHORISATION

OWASP top 10

A5: Broken Access Control

CWE

CWE-862

CVSS

5.4 (medium)

Miscellaneous

Original Researcher

Dave Jong

Verified

WPVDB ID

5756b2e9-091f-49ab-adc3-a3ef73e1bfe2

Timeline

Publicly Published

2022-07-20 (about 3 years ago)

Added

2022-09-06 (about 3 years ago)

Last Updated

2022-09-06 (about 3 years ago)

Other

Published

Title

Published

2024-11-14

Title

Tutor LMS Elementor Addons < 2.1.6 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Installation

Published

2025-06-18

Title

AIO WP Builder <= 2.0.2 - Missing Authorization

Published

2026-03-26

Title

SureCart < 4.0.3 - Missing Authorization

Published

2024-05-09

Title

White Label CMS < 2.7.4 - Missing Authorization to Plugin Settings Reset

Published

2024-11-15

Title

WP Log Viewer <= 1.2.1 - Missing Authorization