Lucene search
K

55 matches found

NVD
NVD
added 2022/10/28 7:15 p.m.15 views

CVE-2022-3401

The Bricks theme for WordPress is vulnerable to remote code execution due to the theme allowing site editors to include executable code blocks in website content in versions 1.2 to 1.5.3. This, combined with the missing authorization vulnerability CVE-2022-3400, makes it possible for authenticate...

8.8CVSS0.01556EPSS
Exploits1References2
Prion
Prion
added 2022/10/28 7:15 p.m.14 views

Authorization

The Bricks theme for WordPress is vulnerable to remote code execution due to the theme allowing site editors to include executable code blocks in website content in versions 1.2 to 1.5.3. This, combined with the missing authorization vulnerability CVE-2022-3400, makes it possible for authenticate...

6.5CVSS7AI score0.01556EPSS
Exploits2References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/10/28 7:15 p.m.2 views

CVE-2022-3401

The Bricks theme for WordPress is vulnerable to remote code execution due to the theme allowing site editors to include executable code blocks in website content in versions 1.2 to 1.5.3. This, combined with the missing authorization vulnerability CVE-2022-3400, makes it possible for authenticate...

8.8CVSS7.4AI score0.01556EPSS
Exploits2References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/10/28 6:12 p.m.9 views

CVE-2022-3401

The Bricks theme for WordPress is vulnerable to remote code execution due to the theme allowing site editors to include executable code blocks in website content in versions 1.2 to 1.5.3. This, combined with the missing authorization vulnerability CVE-2022-3400, makes it possible for authenticate...

8.8CVSS7.1AI score0.01556EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/10/28 6:12 p.m.21 views

CVE-2022-3401

The Bricks theme for WordPress is vulnerable to remote code execution due to the theme allowing site editors to include executable code blocks in website content in versions 1.2 to 1.5.3. This, combined with the missing authorization vulnerability CVE-2022-3400, makes it possible for authenticate...

8.8CVSS7.7AI score0.01556EPSS
Exploits1References2
NVD
NVD
added 2022/10/28 5:15 p.m.18 views

CVE-2022-3400

The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the brickssavepost AJAX action in versions 1.0 to 1.5.3. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to edit any page, post, or template...

6.5CVSS0.00618EPSS
Exploits1References2
OSV
OSV
added 2022/10/28 5:15 p.m.2 views

CVE-2022-3400

The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the brickssavepost AJAX action in versions 1.0 to 1.5.3. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to edit any page, post, or template...

6.5CVSS5.8AI score0.00618EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/10/28 5:15 p.m.2 views

CVE-2022-3400

The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the brickssavepost AJAX action in versions 1.0 to 1.5.3. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to edit any page, post, or template...

6.5CVSS6.8AI score0.00618EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2022/10/28 5:15 p.m.14 views

Authorization

The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the brickssavepost AJAX action in versions 1.0 to 1.5.3. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to edit any page, post, or template...

4CVSS7.2AI score0.00618EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/10/28 4:57 p.m.17 views

CVE-2022-3400

The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the brickssavepost AJAX action in versions 1.0 to 1.5.3. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to edit any page, post, or template...

6.5CVSS7AI score0.00618EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/10/28 4:57 p.m.11 views

CVE-2022-3400

The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the brickssavepost AJAX action in versions 1.0 to 1.5.3. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to edit any page, post, or template...

6.5CVSS7.2AI score0.00618EPSS
Exploits1References2
CVE
CVE
added 2022/10/28 4:57 p.m.55 views

CVE-2022-3400

The Bricks theme for WordPress (versions 1.0–1.5.3) is vulnerable to an authorization bypass due to a missing capability check on the bricks_save_post AJAX action. This allows authenticated users with minimal rights (e.g., a subscriber) to edit any page, post, or template on affected sites. Relat...

6.5CVSS6.3AI score0.00618EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/10/28 12:0 a.m.2 views

PT-2022-21966 · WordPress · The Bricks

Name of the Vulnerable Software and Affected Versions: The Bricks theme for WordPress versions 1.2 to 1.5.3 Description: The issue allows remote code execution due to the theme permitting site editors to include executable code blocks in website content. This is exacerbated by a missing...

8.8CVSS8.8AI score0.01556EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/10/28 12:0 a.m.3 views

WordPress theme Bricks 安全漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress theme is a theme for WordPress. An authorization issue vulnerability exists in WordPress theme Bricks...

6.5CVSS6.6AI score0.00618EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/10/28 12:0 a.m.2 views

PT-2022-21959 · WordPress · Bricks

Name of the Vulnerable Software and Affected Versions: The Bricks theme for WordPress versions 1.0 through 1.5.3 Description: The issue is related to authorization bypass due to a missing capability check on the bricks save post AJAX action. This allows authenticated attackers with minimal...

6.5CVSS6.3AI score0.00618EPSS
Exploits1References6
Rows per page
Query Builder