cleantalk
Vulnerabilities and Security Researches

Beaver Builder – WordPress Page Builder, CVE-2026-40744

CVE, Research URL

CVE-2026-40744

Home page URL

Security reports for Beaver Builder – WordPress Page Builder

Application

Beaver Builder – WordPress Page Builder

Published on
Apr 15, 2026
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Blind SQL Injection.This issue affects Beaver Builder: from n/a through <= 2.10.1.2.
Affected versions
max 2.10.1.5.
Status
vulnerable
Previous vulnerability researches
Simple File List (CVE-2025-34085) , Jul 13, 2025
Simple File List (CVE-2025-47450) , May 09, 2025
Simple File List (CVE-2020-36847) , Jun 13, 2026
Simple File List (CVE-2022-1119) , Jun 07, 2024
Simple File List (CVE-2020-12832) , Jun 07, 2024
New vulnerability
FAQ Manager For Divi, Gutenberg Block &amp; Shortcode (CVE-2023-33999) , Jun 14, 2026
TablePress &#8211; Tables in WordPress made easy (CVE-2023-33999) , Jun 14, 2026
Docket Cache &#8211; Object Cache Accelerator (CVE-2026-22492) , Jun 14, 2026
Advanced Classifieds &amp; Directory Pro (CVE-2023-33999) , Jun 14, 2026
Display Eventbrite Events (CVE-2023-33999) , Jun 14, 2026