Description
WordPress Plugin PowerPack for Beaver Builder is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions; other attacks are also possible. WordPress Plugin PowerPack for Beaver Builder version 2.33.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.33.1 or latest
References
Related Vulnerabilities
WordPress Plugin iThemes Security (formerly Better WP Security) Security Bypass (5.3.5)
Atlassian Jira CVE-2019-8448 Vulnerability (CVE-2019-8448)
WordPress Plugin Blaze Slideshow Arbitrary File Upload (2.7)
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.13)
Zenphoto Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5595)