Lucene search
K

196 matches found

GithubExploit
GithubExploit
added 2025/04/04 5:35 p.m.211 views

Exploit for CVE-2024-25600

Exploit Repository: CVE-2024-25600 🔥 Unauthenticated RCE Ex...

10CVSS10AI score0.87452EPSS
Exploits16
GithubExploit
GithubExploit
added 2025/03/31 5:44 a.m.631 views

Exploit for CVE-2024-25600

CVE-2024-25600 Exploit - WordPress Bricks Builder Remote Code...

10CVSS10AI score0.87452EPSS
Exploits16
OSV
OSV
added 2025/02/27 6:15 a.m.6 views

CVE-2024-2297

The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1. This is due to insufficient validation checks placed on the createautosave AJAX function. This makes it possible for authenticated attackers, with contributor-level access and above...

8.8CVSS6.1AI score0.00333EPSS
Exploits0References2
NVD
NVD
added 2025/02/27 6:15 a.m.10 views

CVE-2024-2297

The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1. This is due to insufficient validation checks placed on the createautosave AJAX function. This makes it possible for authenticated attackers, with contributor-level access and above...

8.8CVSS0.00333EPSS
Exploits0References2
CVE
CVE
added 2025/02/27 5:23 a.m.73 views

CVE-2024-2297

The Bricks WordPress theme (Bricks) is vulnerable to authenticated Privilege Escalation via the create_autosave AJAX function in versions up to and including 1.9.6.1. Exploitation requires Post Builder to be enabled, builder access for contributor-level users, and Code Execution enabled for admin...

8.8CVSS7.5AI score0.00333EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/27 5:23 a.m.10 views

CVE-2024-2297 Bricksbuilder <= 1.9.6.1 - Authenticated (Contributor+) Privilege Escalation via create_autosave

The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1. This is due to insufficient validation checks placed on the createautosave AJAX function. This makes it possible for authenticated attackers, with contributor-level access and above...

7.1CVSS7.1AI score0.00333EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/27 12:0 a.m.3 views

WordPress plugin Bricks 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

8.8CVSS8.2AI score0.00333EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/02/26 9:58 p.m.3 views

WordPress Bricksbuilder plugin <= 1.9.6.1 - Authenticated (Contributor+) Privilege Escalation via create_autosave vulnerability

Authenticated Contributor+ Privilege Escalation via createautosave vulnerability discovered by etragardh in WordPress Theme Bricks Builder versions = 1.9.6.1...

8.8CVSS7AI score0.00333EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/06 12:48 a.m.11 views

CVE-2022-3401

The Bricks theme for WordPress is vulnerable to remote code execution due to the theme allowing site editors to include executable code blocks in website content in versions 1.2 to 1.5.3. This, combined with the missing authorization vulnerability CVE-2022-3400, makes it possible for authenticate...

8.8CVSS7.2AI score0.01556EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:7 p.m.11 views

CVE-2024-25600

Improper Control of Generation of Code 'Code Injection' vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6...

10CVSS6.9AI score0.87452EPSS
Exploits16References1
OSV
OSV
added 2024/11/09 2:15 p.m.6 views

CVE-2024-51663

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Bricksable Bricksable for Bricks Builder allows Stored XSS.This issue affects Bricksable for Bricks Builder: from n/a through 1.6.59...

4.8CVSS5.8AI score0.00263EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/09 1:11 p.m.24 views

CVE-2024-51663 WordPress Bricksable for Bricks Builder plugin <= 1.6.59 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bricksable Bricksable for Bricks Builder bricksable allows Stored XSS.This issue affects Bricksable for Bricks Builder: from n/a through = 1.6.59...

5.9CVSS0.00263EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/09 12:0 a.m.6 views

WordPress plugin Bricksable for Bricks Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

5.9CVSS5.9AI score0.00263EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/09 12:0 a.m.9 views

PT-2024-34808 · Unknown · Bricksable For Bricks Builder

Name of the Vulnerable Software and Affected Versions: Bricksable for Bricks Builder versions 1.6.59 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...

5.9CVSS5.8AI score0.00263EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/11/01 11:40 a.m.10 views

WordPress Bricksable for Bricks Builder plugin <= 1.6.59 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin Bricksable for Bricks Builder versions = 1.6.59...

5.9CVSS6.1AI score0.00263EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/10/29 12:15 p.m.6 views

CVE-2024-49665

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Web Bricks Web Bricks Addons for Elementor allows Stored XSS.This issue affects Web Bricks Addons for Elementor: from n/a through 1.1.1...

5.4CVSS5.8AI score0.00263EPSS
Exploits0References1
NVD
NVD
added 2024/10/29 12:15 p.m.46 views

CVE-2024-49665

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Web Bricks Web Bricks Addons for Elementor allows Stored XSS.This issue affects Web Bricks Addons for Elementor: from n/a through 1.1.1...

6.5CVSS0.00263EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/29 11:20 a.m.14 views

CVE-2024-49665 WordPress Web Bricks Addons for Elementor plugin <= 1.1.1 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Web Bricks Web Bricks Addons for Elementor allows Stored XSS.This issue affects Web Bricks Addons for Elementor: from n/a through 1.1.1...

6.5CVSS7AI score0.00263EPSS
Exploits0References1
CVE
CVE
added 2024/10/29 11:20 a.m.57 views

CVE-2024-49665

CVE-2024-49665 is a stored XSS in the WordPress plugin Web Bricks Addons for Elementor (versions

6.5CVSS5.2AI score0.00263EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/10/29 11:20 a.m.53 views

CVE-2024-49665 WordPress Web Bricks Addons for Elementor plugin <= 1.1.1 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Web Bricks Web Bricks Addons for Elementor allows Stored XSS.This issue affects Web Bricks Addons for Elementor: from n/a through 1.1.1...

6.5CVSS0.00263EPSS
Exploits0References1
Rows per page
Query Builder