WordPress Plugin Vulnerabilities

Beaver Builder – WordPress Page Builder < 2.9.4.2 - Subscriber+ Arbitrary Beaver Builder Post Update

Description

The plugin is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'duplicate_wpml_layout' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary posts with the content of other existing posts, potentially exposing private and password-protected content and deleting any content that is not saved in revisions or backups. Posts must have been created with Beaver Builder to be copied or updated.

Affects Plugins

Plugin icon
beaver-builder-lite-version
Fixed in 2.9.4.2

References

CVE
CVE-2025-12934
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/bc2db74d-61b9-498a-a0d8-e43466b06f37

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
6.8 (medium)

Miscellaneous

Original Researcher
Athiwat Tiprasaharn (Jitlada)
Verified
No
WPVDB ID
9c3eb27b-53f1-4422-9b34-f4d5f9ba997d

Timeline

Publicly Published
2025-12-22 (about 4 months ago)
Added
2025-12-22 (about 4 months ago)
Last Updated
2025-12-22 (about 4 months ago)

Other

Published
Title
Published
2024-03-26
Title
WholesaleX < 1.3.2 - Authenticated(Subscriber+) Missing Authorization via multiple AJAX actions
Published
2026-01-05
Title
Depicter Slider < 4.0.5 - Missing Authorization
Published
2026-03-10
Title
Avada (Fusion) Builder < 3.15.0 - Missing Authorization
Published
2025-01-14
Title
RomethemeKit For Elementor < 1.5.4 - Missing Authorization in save_options and reset_widgets
Published
2023-09-06
Title
Duplicate Post Page Menu & Custom Post Type < 2.4.0 - Subscriber+ Post Duplication