Description
WordPress Plugin PowerPack for Beaver Builder is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions; other attacks are also possible. WordPress Plugin PowerPack for Beaver Builder version 2.33.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.33.1 or latest
References
Related Vulnerabilities
WebLogic CVE-2016-0577 Vulnerability (CVE-2016-0577)
WordPress Plugin Bind Users to Taxonomy Cross-Site Scripting (0.3)
WordPress Plugin Copy or Move Comments Multiple Vulnerabilities (1.0.0)
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3744)
WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.1.22)