CVE-2025-12934
Unauthorized Access in Beaver Builder Plugin Allows Post Modification
Publication date: 2025-12-23
Last updated on: 2025-12-23
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| beaver_builder | beaver_builder_lite | 2.9.4.1 |
| beaver_builder | beaver_builder_lite | 2.9.4.2 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Beaver Builder WordPress plugin allows authenticated users with Subscriber-level access or higher to bypass missing capability checks in the 'duplicate_wpml_layout' function. This flaw enables them to duplicate or update arbitrary posts with content from other existing posts created with Beaver Builder, potentially exposing private or password-protected content and deleting unsaved content. The issue arises because the plugin did not properly verify user permissions before allowing duplication of WPML layouts. [2]
How can this vulnerability impact me? :
An attacker with at least Subscriber-level access can exploit this vulnerability to modify or overwrite posts by duplicating content from other posts, including private or password-protected ones. This can lead to unauthorized exposure of sensitive content and loss of data that is not saved in revisions or backups. Essentially, it risks data confidentiality and integrity within the WordPress site using Beaver Builder. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves checking if your Beaver Builder Lite plugin version is 2.9.4.1 or earlier, as these versions lack the necessary capability checks on the 'duplicate_wpml_layout' function. Since the vulnerability allows authenticated users with Subscriber-level access and above to duplicate or modify posts improperly, monitoring for unusual post duplication activities or unauthorized post modifications by low-privilege users can help detect exploitation attempts. Specific commands are not provided in the resources, but you can audit WordPress user actions and plugin versions via WP-CLI commands such as 'wp plugin list' to check plugin versions and custom logging or monitoring for post duplication events. [2]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update the Beaver Builder Lite WordPress plugin to version 2.9.4.2 or later, which includes security enhancements such as strict capability checks on the 'duplicate_wpml_layout' function, nonce verification to prevent CSRF attacks, and sanitization of input to prevent unauthorized actions. Additionally, ensure that only trusted users have Subscriber-level or higher access, and consider monitoring or restricting post duplication activities until the update is applied. [2]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows authenticated users with Subscriber-level access and above to update arbitrary posts with content from other posts, potentially exposing private and password-protected content. This unauthorized exposure of private data could lead to non-compliance with data protection regulations such as GDPR and HIPAA, which require strict controls over access to personal and sensitive information. Therefore, the vulnerability poses a risk to compliance by enabling unauthorized data access and modification. [2]