CVE-2024-53797

6.5 MEDIUM

📋 TL;DR

This stored cross-site scripting (XSS) vulnerability in the Beaver Builder WordPress plugin allows attackers to inject malicious scripts into web pages. When users view pages containing the malicious content, the scripts execute in their browsers. All WordPress sites using Beaver Builder versions up to and including 2.8.4.3 are affected.

💻 Affected Systems

Products:
  • Beaver Builder WordPress Page Builder Plugin
Versions: All versions through 2.8.4.3
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects both free (Lite) and premium versions. Requires attacker to have contributor-level access or higher to inject scripts.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal session cookies, redirect users to malicious sites, perform actions on behalf of authenticated users, or deface websites.

🟠 Likely Case

Attackers inject malicious JavaScript to steal user session cookies or credentials, potentially compromising admin accounts.

🟢 If Mitigated

With proper input validation and output encoding, malicious scripts would be neutralized before reaching users.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires authenticated access (contributor role or higher). XSS payloads are well-documented and easy to craft.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.8.4.4

Vendor Advisory: https://patchstack.com/database/wordpress/plugin/beaver-builder-lite-version/vulnerability/wordpress-beaver-builder-wordpress-page-builder-plugin-2-8-4-3-cross-site-scripting-xss-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find Beaver Builder.
4. Click 'Update Now' if an update is available.
5. Alternatively, download version 2.8.4.4+ from the WordPress repository and replace the plugin files.

🔧 Temporary Workarounds

Restrict User Roles

all

Limit contributor and author roles to trusted users only to reduce attack surface.

Content Security Policy

all

Implement CSP headers to restrict script execution sources.

Header set Content-Security-Policy "default-src 'self'; script-src 'self'"
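This is Apache mod_headers syntax; add it to .htaccess or the web server config. A policy this strict also blocks inline scripts, so test it against the site before enforcing it.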

🧯 If You Can't Patch

  • Disable Beaver Builder plugin temporarily
  • Implement web application firewall (WAF) with XSS protection rules

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin > Plugins > Installed Plugins for Beaver Builder version. If version is 2.8.4.3 or lower, you are vulnerable.

Check Version:

wp plugin list --name=beaver-builder --field=version

Verify Fix Applied:

Verify Beaver Builder version is 2.8.4.4 or higher in WordPress admin panel.
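
The version comparison behind these checks, as an added example (not part of the original advisory or the Beaver Builder project): a POSIX shell function that compares dotted versions field by field against the fixed release 2.8.4.4, so that 2.8.4.10 is not mistaken for an older build. The function names are illustrative, and the plugin slug in the usage comment is a placeholder.

```shell
#!/bin/sh
# Added example: classify a Beaver Builder version string against the
# fixed release named on this page. Function names are illustrative.

FIXED_VERSION="2.8.4.4"

# version_lt A B -> exit status 0 if A < B, comparing dot-separated
# numeric fields. Missing fields count as 0, so "2.9" is read as "2.9.0.0".
version_lt() {
    a=$1
    b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        fa=${a%%.*}
        fb=${b%%.*}
        # Drop the field just read; clear the string when no dot is left.
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        fa=${fa:-0}
        fb=${fb:-0}
        [ "$fa" -lt "$fb" ] && return 0
        [ "$fa" -gt "$fb" ] && return 1
    done
    return 1   # versions are equal
}

# bb_status VERSION -> prints "vulnerable", "patched" or "unknown".
# Anything that is not purely digits and single dots is reported as
# "unknown" rather than guessed at (empty output, pre-release suffixes).
bb_status() {
    v=$1
    case $v in
        ''|*[!0-9.]*|.*|*.|*..*) echo unknown; return 0 ;;
    esac
    if version_lt "$v" "$FIXED_VERSION"; then
        echo vulnerable
    else
        echo patched
    fi
}

# Usage (the slug is a placeholder for the installed plugin's directory name):
#   bb_status "$(wp plugin get <plugin-slug> --field=version)"
if [ "$#" -gt 0 ]; then
    bb_status "$1"
fi
```

An "unknown" result usually means the plugin was not found under the slug given or reports a non-numeric version, and should be checked by hand.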

📡 Detection & Monitoring

Log Indicators:

  • Unusual POST requests to Beaver Builder endpoints
  • Suspicious script tags in page content
  • Multiple failed authentication attempts followed by successful contributor login

Network Indicators:

  • Outbound connections to unknown domains after page load
  • Unexpected JavaScript execution in browser dev tools

SIEM Query:

source="wordpress" AND (plugin="beaver-builder" OR uri="/wp-admin/admin-ajax.php") AND (method="POST" AND (body CONTAINS "<script>" OR body CONTAINS "javascript:"))
