81 matches found
CVE-2026-56009
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bricksable for Bricks Builder allows Stored XSS. This issue affects Bricksable for Bricks Builder: from n/a through 1.6.83...
EUVD-2026-37873
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bricksable for Bricks Builder allows Stored XSS. This issue affects Bricksable for Bricks Builder: from n/a through 1.6.83...
CVE-2026-56009
CVE-2026-56009 : Stored XSS in Bricksable for Bricks Builder plugin for WordPress, affected versions from n/a through 1.6.83. Root cause: Improper Neutralization of Input During Web Page Generation. CVSS 3.1 base score 5.9 (MEDIUM); attack vector NETWORK, complexity LOW, privileges required HIGH,...
EUVD-2026-37592
Subscriber Broken Access Control in Bricks Builder = 2.1.4 versions...
CVE-2026-40723
Subscriber Broken Access Control in Bricks Builder = 2.1.4 versions...
CVE-2026-40723 WordPress Bricks Builder theme <= 2.1.4 - Broken Access Control vulnerability
Subscriber Broken Access Control in Bricks Builder = 2.1.4 versions...
CVE-2026-40723
The advisory describes CVE-2026-40723 as a Broken Access Control issue in the WordPress Bricks Builder theme, affecting versions
CVE-2026-41554
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bricks Builder allows Reflected XSS. This issue affects Bricks Builder: from n/a through 1.9.2 to 2.2...
MAL-2026-4500 Malicious code in bricks-builder-mcp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ad643457c1104b8f118971a9ee95702f2126a16f33a4ec9dfd8ed21c43fc1eb bricks-builder-mcp is a Model Context Protocol server exposing WordPress/Bricks Builder editing tools page JSON edits, media uploads, custom CSS/JS...
EUVD-2026-28369
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bricks Builder allows Reflected XSS. This issue affects Bricks Builder: from n/a through 1.9.2 to 2.2...
CVE-2026-41554
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bricks Builder allows Reflected XSS. This issue affects Bricks Builder: from n/a through 1.9.2 to 2.2...
CVE-2026-41554
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bricks Builder allows Reflected XSS. This issue affects Bricks Builder: from n/a through 1.9.2 to 2.2...
CVE-2026-41554 WordPress Bricks Builder theme 1.9.2-2.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bricks Builder allows Reflected XSS. This issue affects Bricks Builder: from n/a through 1.9.2 to 2.2...
CVE-2026-41554 WordPress Bricks Builder theme 1.9.2-2.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bricks Builder allows Reflected XSS. This issue affects Bricks Builder: from n/a through 1.9.2 to 2.2...
CVE-2026-41554
CVE-2026-41554 concerns WordPress Bricks Builder theme, affecting versions from n/a through 1.9.2 to 2.2. The issue is an Improper Neutralization of Input During Web Page Generation leading to a Reflected Cross-Site Scripting (XSS) vulnerability. The vulnerable component is the Bricks Builder the...
PT-2026-38436
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bricks Builder allows Reflected XSS. This issue affects Bricks Builder: from n/a through 1.9.2 to 2.2...
WordPress plugin Bricks Builder 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress Bricks Builder theme <= 2.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by w41bu1 in WordPress Theme Bricks Builder versions = 2.2...
📄 WordPress Bricks 1.9.6 Remote Code Execution
Proof of concept exploit for a critical vulnerability in WordPress Bricks Builder plugin version 1.9.6 that allows unauthenticated attackers to execute arbitrary PHP code through the Bricks REST API. The attack targets the renderelement endpoint, injecting malicious instructions in the Query Edit...
Exploit for CVE-2024-25600
CVE-2024-25600 — WordPress Bricks Builder RCE PoC Unauthent...