55 matches found
CVE-2022-3401
The Bricks theme for WordPress is vulnerable to remote code execution due to the theme allowing site editors to include executable code blocks in website content in versions 1.2 to 1.5.3. This, combined with the missing authorization vulnerability CVE-2022-3400, makes it possible for authenticate...
Authorization
The Bricks theme for WordPress is vulnerable to remote code execution due to the theme allowing site editors to include executable code blocks in website content in versions 1.2 to 1.5.3. This, combined with the missing authorization vulnerability CVE-2022-3400, makes it possible for authenticate...
CVE-2022-3401
The Bricks theme for WordPress is vulnerable to remote code execution due to the theme allowing site editors to include executable code blocks in website content in versions 1.2 to 1.5.3. This, combined with the missing authorization vulnerability CVE-2022-3400, makes it possible for authenticate...
CVE-2022-3401
The Bricks theme for WordPress is vulnerable to remote code execution due to the theme allowing site editors to include executable code blocks in website content in versions 1.2 to 1.5.3. This, combined with the missing authorization vulnerability CVE-2022-3400, makes it possible for authenticate...
CVE-2022-3401
The Bricks theme for WordPress is vulnerable to remote code execution due to the theme allowing site editors to include executable code blocks in website content in versions 1.2 to 1.5.3. This, combined with the missing authorization vulnerability CVE-2022-3400, makes it possible for authenticate...
CVE-2022-3400
The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the brickssavepost AJAX action in versions 1.0 to 1.5.3. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to edit any page, post, or template...
CVE-2022-3400
The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the brickssavepost AJAX action in versions 1.0 to 1.5.3. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to edit any page, post, or template...
CVE-2022-3400
The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the brickssavepost AJAX action in versions 1.0 to 1.5.3. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to edit any page, post, or template...
Authorization
The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the brickssavepost AJAX action in versions 1.0 to 1.5.3. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to edit any page, post, or template...
CVE-2022-3400
The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the brickssavepost AJAX action in versions 1.0 to 1.5.3. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to edit any page, post, or template...
CVE-2022-3400
The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the brickssavepost AJAX action in versions 1.0 to 1.5.3. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to edit any page, post, or template...
CVE-2022-3400
The Bricks theme for WordPress (versions 1.0–1.5.3) is vulnerable to an authorization bypass due to a missing capability check on the bricks_save_post AJAX action. This allows authenticated users with minimal rights (e.g., a subscriber) to edit any page, post, or template on affected sites. Relat...
PT-2022-21966 · WordPress · The Bricks
Name of the Vulnerable Software and Affected Versions: The Bricks theme for WordPress versions 1.2 to 1.5.3 Description: The issue allows remote code execution due to the theme permitting site editors to include executable code blocks in website content. This is exacerbated by a missing...
WordPress theme Bricks 安全漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress theme is a theme for WordPress. An authorization issue vulnerability exists in WordPress theme Bricks...
PT-2022-21959 · WordPress · Bricks
Name of the Vulnerable Software and Affected Versions: The Bricks theme for WordPress versions 1.0 through 1.5.3 Description: The issue is related to authorization bypass due to a missing capability check on the bricks save post AJAX action. This allows authenticated attackers with minimal...