[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-25763":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-20T19:39:07.854Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":262,"aliases":277,"duplicate_of":9,"upstream":278,"downstream":279,"duplicates":280,"related":281,"reserved_at":9,"published_at":282,"modified_at":282,"state":283,"summary":284,"references_raw":290,"kevs":305,"epss":9,"epss_history":306,"metrics":307,"affected":315},"CVE-2019-25763","WordPress Ultimate Addons for Beaver Builder 1.2.4.1 contains an authentication bypass vulnerability that allows attackers to gain unauthorized access by exploiting the social media login form functionality. Attackers can submit a POST request to the admin-ajax.php endpoint with the uabb-lf-google-submit action, a valid administrator email address, and a valid nonce to obtain session cookies and authenticate as that user.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-288","Authentication Bypass Using an Alternate Path or Channel","The product requires authentication, but the product has an alternate path or channel that does not require authentication.","weakness","Incomplete","Base",[19,81],{"id":20,"name":21,"techniques":22},"CAPEC-127","Directory Indexing",[23],{"id":24,"name":25,"tactics":26,"countermeasures":30},"T1083","File and Directory Discovery",[27],{"id":28,"name":29},"TA0102","Discovery",[31,36,40,45,50,55,60,65,69,73,77],{"id":32,"name":33,"tactic":34},"D3-FA","File Analysis",{"name":35},"Detect",{"id":37,"name":38,"tactic":39},"D3-FIM","File Integrity Monitoring",{"name":35},{"id":41,"name":42,"tactic":43},"D3-FEV","File Eviction",{"name":44},"Evict",{"id":46,"name":47,"tactic":48},"D3-DF","Decoy File",{"name":49},"Deceive",{"id":51,"name":52,"tactic":53},"D3-FE","File Encryption",{"name":54},"Harden",{"id":56,"name":57,"tactic":58},"D3-RF","Restore File",{"name":59},"Restore",{"id":61,"name":62,"tactic":63},"D3-LFP","Local File Permissions",{"name":64},"Isolate",{"id":66,"name":67,"tactic":68},"D3-CF","Content Filtering",{"name":64},{"id":70,"name":71,"tactic":72},"D3-RFAM","Remote File Access Mediation",{"name":64},{"id":74,"name":75,"tactic":76},"D3-CQ","Content Quarantine",{"name":64},{"id":78,"name":79,"tactic":80},"D3-CM","Content Modification",{"name":64},{"id":82,"name":83,"techniques":84},"CAPEC-665","Exploitation of Thunderbolt Protection Flaws",[85,120,159],{"id":86,"name":87,"tactics":88,"countermeasures":95},"T1211","Exploitation for Stealth",[89,92],{"id":90,"name":91},"TA0030","Defense Evasion",{"id":93,"name":94},"TA0005","Stealth",[96,100,104,108,112,116],{"id":97,"name":98,"tactic":99},"D3-MBT","Memory Boundary Tracking",{"name":35},{"id":101,"name":102,"tactic":103},"D3-PCSV","Process Code Segment Verification",{"name":35},{"id":105,"name":106,"tactic":107},"D3-SSC","Shadow Stack Comparisons",{"name":35},{"id":109,"name":110,"tactic":111},"D3-PSEP","Process Segment Execution Prevention",{"name":54},{"id":113,"name":114,"tactic":115},"D3-SAOR","Segment Address Offset Randomization",{"name":54},{"id":117,"name":118,"tactic":119},"D3-SFCV","Stack Frame Canary Validation",{"name":54},{"id":121,"name":122,"tactics":123,"countermeasures":129},"T1542.002","Component Firmware",[124,125,126],{"id":90,"name":91},{"id":93,"name":94},{"id":127,"name":128},"TA0110","Persistence",[130,135,139,143,147,151,155],{"id":131,"name":132,"tactic":133},"D3-SWI","Software Inventory",{"name":134},"Model",{"id":136,"name":137,"tactic":138},"D3-AVE","Asset Vulnerability Enumeration",{"name":134},{"id":140,"name":141,"tactic":142},"D3-FEMC","Firmware Embedded Monitoring Code",{"name":35},{"id":144,"name":145,"tactic":146},"D3-FV","Firmware Verification",{"name":35},{"id":148,"name":149,"tactic":150},"D3-FBA","Firmware Behavior Analysis",{"name":35},{"id":152,"name":153,"tactic":154},"D3-SU","Software Update",{"name":54},{"id":156,"name":157,"tactic":158},"D3-RS","Restore Software",{"name":59},{"id":160,"name":161,"tactics":162,"countermeasures":171},"T1556","Modify Authentication Process",[163,164,167,168],{"id":90,"name":91},{"id":165,"name":166},"TA0112","Defense Impairment",{"id":127,"name":128},{"id":169,"name":170},"TA0031","Credential Access",[172,176,180,184,186,188,192,196,200,204,206,210,214,218,222,224,226,228,232,234,236,238,240,242,246,250,254,258],{"id":173,"name":174,"tactic":175},"D3-CI","Configuration Inventory",{"name":134},{"id":177,"name":178,"tactic":179},"D3-NTPM","Network Traffic Policy Mapping",{"name":134},{"id":181,"name":182,"tactic":183},"D3-AM","Access Modeling",{"name":134},{"id":32,"name":33,"tactic":185},{"name":35},{"id":37,"name":38,"tactic":187},{"name":35},{"id":189,"name":190,"tactic":191},"D3-PLA","Process Lineage Analysis",{"name":35},{"id":193,"name":194,"tactic":195},"D3-PSMD","Process Self-Modification Detection",{"name":35},{"id":197,"name":198,"tactic":199},"D3-PSA","Process Spawn Analysis",{"name":35},{"id":201,"name":202,"tactic":203},"D3-SFA","System File Analysis",{"name":35},{"id":41,"name":42,"tactic":205},{"name":44},{"id":207,"name":208,"tactic":209},"D3-PT","Process Termination",{"name":44},{"id":211,"name":212,"tactic":213},"D3-PS","Process Suspension",{"name":44},{"id":215,"name":216,"tactic":217},"D3-HR","Host Reboot",{"name":44},{"id":219,"name":220,"tactic":221},"D3-HS","Host Shutdown",{"name":44},{"id":46,"name":47,"tactic":223},{"name":49},{"id":51,"name":52,"tactic":225},{"name":54},{"id":56,"name":57,"tactic":227},{"name":59},{"id":229,"name":230,"tactic":231},"D3-RC","Restore Configuration",{"name":59},{"id":66,"name":67,"tactic":233},{"name":64},{"id":61,"name":62,"tactic":235},{"name":64},{"id":70,"name":71,"tactic":237},{"name":64},{"id":74,"name":75,"tactic":239},{"name":64},{"id":78,"name":79,"tactic":241},{"name":64},{"id":243,"name":244,"tactic":245},"D3-KBPI","Kernel-based Process Isolation",{"name":64},{"id":247,"name":248,"tactic":249},"D3-SCF","System Call Filtering",{"name":64},{"id":251,"name":252,"tactic":253},"D3-HBPI","Hardware-based Process Isolation",{"name":64},{"id":255,"name":256,"tactic":257},"D3-ABPI","Application-based Process Isolation",{"name":64},{"id":259,"name":260,"tactic":261},"D3-WSAM","Web Session Access Mediation",{"name":64},[263],{"_key":264,"name":265,"source":266,"url":267,"maturity":268,"reliability_score":269,"verified":270,"type":9,"platforms":271,"requires_auth":9,"exploitdb":273,"metasploit":9},"47832","WordPress Plugin Ultimate Addons for Beaver Builder 1.2.4.1 - Authentication Bypass","exploit-database","https://www.exploit-db.com/exploits/47832","poc",0.5,false,[272],"php",{"verified":270,"type":274,"platform":272,"file":275,"codes":276},"webapps","exploits/php/webapps/47832.py",[],[],[],[],[],[],"2026-06-20T13:36:32.595Z","PUBLISHED",{"cisa_kev":270,"cisa_ransomware":270,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":285,"severity_score":286,"severity_version":287,"severity_source":288,"severity_vector":289,"severity_status":283},"critical",9.8,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[291,295,300],{"url":267,"sources":292,"tags":293},[288],[294],"Exploit",{"url":296,"sources":297,"tags":298},"https://www.ultimatebeaver.com/",[288],[299],"Product",{"url":301,"sources":302,"tags":303},"https://www.vulncheck.com/advisories/wordpress-ultimate-addons-for-beaver-builder-authentication-bypass",[288],[304],"Third Party Advisory",[],[],[308],{"source":288,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":309,"cvss_v4_0":312},{"baseScore":286,"baseSeverity":310,"vectorString":289,"impactScore":286,"exploitabilityScore":311},"CRITICAL",10,{"baseScore":313,"baseSeverity":310,"vectorString":314,"impactScore":9,"exploitabilityScore":9},9.3,"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",[316],{"ecosystem":9,"name":317,"vendor":318,"product":319,"cpe_part":320,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":321},"Ultimate Addons for Beaver Builder","ultimatebeaver","ultimate addons for beaver builder","a",[322],{"version":323,"is_range":324,"range_type":288,"version_start":9,"version_start_type":9,"version_end":325,"version_end_type":326,"fixed_in":9},"\u003C 1.2.4.1",true,"1.2.4.1","excluding"]