82 matches found
Exploit for CVE-2024-25600
CVE-2024-25600 ā WordPress Bricks Builder RCE PoC Unauthent...
Exploit for CVE-2024-25600
š§± BrickBreaker !Pythonhttps://img.shields.io/badge/Pytho...
Exploit for CVE-2024-25600
MODIFIED CVE-2024-25600 original - https://github.com/K3ysT...
EUVD-2024-45468
Malicious code in bioql PyPI...
WordPress Bricks 1.9.6 Remote Code Execution
This tool is designed to exploit the CVE-2024-25600 vulnerability found in the Bricks Builder plugin for WordPress versions 1.9.6 and below. The vulnerability allows for unauthenticated remote code execution on affected websites. The tool automates the exploitation process by retrieving nonces an...
CVE-2025-6495 Bricks Builder <= 1.12.4 - Unauthenticated SQL Injection via `p` Parameter
The Bricks theme for WordPress is vulnerable to blind SQL Injection via the āpā parameter in all versions up to, and including, 1.12.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticat...
CVE-2025-6495 Bricks Builder <= 1.12.4 - Unauthenticated SQL Injection via `p` Parameter
The Bricks theme for WordPress is vulnerable to blind SQL Injection via the āpā parameter in all versions up to, and including, 1.12.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticat...
WordPress Bricks Builder plugin <= 1.12.4 - Unauthenticated SQL Injection via `p` Parameter vulnerability
Unauthenticated SQL Injection via p Parameter vulnerability discovered by Jamie Burchell in WordPress Theme Bricks Builder versions = 1.12.4...
WordPress Bricks Builder Theme <= 1.12.4 is vulnerable to SQL Injection
Software Bricks Builder Type Theme Vulnerable versions = 1.12.4 Fixed in 2.0 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2025-6495 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID a75c4498f744 Credits Jamie Burchell Required privilege Unauthenticated...
Exploit for CVE-2024-25600
Bricks Builder RCE Exploit CVE-2024-25600 This project cont...
CVE-2024-51663
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bricksable Bricksable for Bricks Builder bricksable allows Stored XSS.This issue affects Bricksable for Bricks Builder: from n/a through = 1.6.59...
CVE-2024-4874
The Bricks Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.9.8 via the postId parameter due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Contributor-level access and...
WordPress Bricks Builder 1.9.6 Remote Code Execution
WordPress Bricks Builder plugin versions 1.9.6 and below unauthenticated remote code execution exploit...
Exploit for CVE-2024-25600
Exploit Repository: CVE-2024-25600 š„ Unauthenticated RCE Ex...
Exploit for CVE-2024-25600
CVE-2024-25600 Exploit - WordPress Bricks Builder Remote Code...
WordPress Bricksbuilder plugin <= 1.9.6.1 - Authenticated (Contributor+) Privilege Escalation via create_autosave vulnerability
Authenticated Contributor+ Privilege Escalation via createautosave vulnerability discovered by etragardh in WordPress Theme Bricks Builder versions = 1.9.6.1...
CVE-2024-25600
Improper Control of Generation of Code 'Code Injection' vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6...
CVE-2024-51663
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Bricksable Bricksable for Bricks Builder allows Stored XSS.This issue affects Bricksable for Bricks Builder: from n/a through 1.6.59...
CVE-2024-51663 WordPress Bricksable for Bricks Builder plugin <= 1.6.59 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bricksable Bricksable for Bricks Builder bricksable allows Stored XSS.This issue affects Bricksable for Bricks Builder: from n/a through = 1.6.59...
PT-2024-34808 Ā· Unknown Ā· Bricksable For Bricks Builder
Name of the Vulnerable Software and Affected Versions: Bricksable for Bricks Builder versions 1.6.59 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...