Lucene search
K

150 matches found

Patchstack
Patchstack
added 2026/05/06 10:13 a.m.11 views

WordPress Brizy – Page Builder plugin <= 2.8.11 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by momopon1415 in WordPress Plugin Brizy versions = 2.8.11...

7.2CVSS5.8AI score0.00401EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.8 views

CVE-2026-5324

The Brizy – Page Builder plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in all versions up to, and including, 2.8.11 This is due to a combination of missing nonce verification for unauthenticated form submissions, insufficient handling of FileUpload fields when ...

7.2CVSS6AI score0.00401EPSS
Exploits0References1
NVD
NVD
added 2026/05/02 9:16 a.m.9 views

CVE-2026-5324

The Brizy – Page Builder plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in all versions up to, and including, 2.8.11 This is due to a combination of missing nonce verification for unauthenticated form submissions, insufficient handling of FileUpload fields when ...

7.2CVSS0.00401EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/02 8:27 a.m.9 views

EUVD-2026-26764

The Brizy – Page Builder plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in all versions up to, and including, 2.8.11 This is due to a combination of missing nonce verification for unauthenticated form submissions, insufficient handling of FileUpload fields when ...

7.2CVSS6AI score0.00401EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/02 8:27 a.m.33 views

CVE-2026-5324 Brizy – Page Builder <= 2.8.11 - Unauthenticated Stored Cross-Site Scripting via FileUpload Field Value

The Brizy – Page Builder plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in all versions up to, and including, 2.8.11 This is due to a combination of missing nonce verification for unauthenticated form submissions, insufficient handling of FileUpload fields when ...

7.2CVSS0.00401EPSS
Exploits0References8
CVE
CVE
added 2026/05/02 8:27 a.m.16 views

CVE-2026-5324

The Brizy – Page Builder for WordPress is vulnerable to unauthenticated stored XSS in versions up to 2.8.11, due to missing nonce verification for unauthenticated submissions, improper handling of FileUpload fields when no file is uploaded, and html_entity_decode() reversing stored encoding in ad...

7.2CVSS6AI score0.00401EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/02 8:27 a.m.3 views

CVE-2026-5324

The Brizy – Page Builder plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in all versions up to, and including, 2.8.11 This is due to a combination of missing nonce verification for unauthenticated form submissions, insufficient handling of FileUpload fields when ...

7.2CVSS6AI score0.00401EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/05/02 8:27 a.m.6 views

CVE-2026-5324 Brizy – Page Builder <= 2.8.11 - Unauthenticated Stored Cross-Site Scripting via FileUpload Field Value

The Brizy – Page Builder plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in all versions up to, and including, 2.8.11 This is due to a combination of missing nonce verification for unauthenticated form submissions, insufficient handling of FileUpload fields when ...

7.2CVSS6AI score0.00401EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/02 12:0 a.m.9 views

PT-2026-36594

The Brizy – Page Builder plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in all versions up to, and including, 2.8.11 This is due to a combination of missing nonce verification for unauthenticated form submissions, insufficient handling of FileUpload fields when ...

7.2CVSS6AI score0.00401EPSS
Exploits0References9
Patchstack
Patchstack
added 2026/02/03 7:46 a.m.6 views

WordPress Brizy - Page Builder plugin <= 2.4.43 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Attributes vulnerability

WordPress Brizy - Page Builder plugin = 2.4.43 - Authenticated Contributor+ Stored Cross-Site Scripting via Custom Attributes vulnerability discovered by wesley wcraft in WordPress Plugin Brizy versions = 2.4.43...

6.4CVSS5.3AI score0.00254EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/14 8:45 a.m.7 views

CVE-2025-0969

The Brizy – Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.16 via the getusers function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including...

6.5CVSS5.7AI score0.00376EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/13 6:30 p.m.5 views

EUVD-2025-203248

The Brizy – Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.16 via the getusers function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including...

6.5CVSS5.2AI score0.00376EPSS
Exploits0References5
NVD
NVD
added 2025/12/13 4:16 p.m.6 views

CVE-2025-0969

The Brizy – Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.16 via the getusers function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including...

6.5CVSS0.00376EPSS
Exploits0References4
CVE
CVE
added 2025/12/13 8:21 a.m.16 views

CVE-2025-0969

CVE-2025-0969 affects Brizy – Page Builder for WordPress (

6.5CVSS5.3AI score0.00376EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/13 8:21 a.m.3 views

CVE-2025-0969 Brizy – Page Builder <= 2.7.16 - Authenticated (Contributor+) Sensitive Information Exposure via get_users Function

The Brizy – Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.16 via the getusers function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including...

6.5CVSS5.3AI score0.00376EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/13 8:21 a.m.36 views

CVE-2025-0969 Brizy – Page Builder <= 2.7.16 - Authenticated (Contributor+) Sensitive Information Exposure via get_users Function

The Brizy – Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.16 via the getusers function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including...

6.5CVSS0.00376EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/13 12:0 a.m.9 views

PT-2025-51096

The Brizy – Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.16 via the get users function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including...

6.5CVSS5.7AI score0.00376EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/13 12:0 a.m.10 views

WordPress plugin Brizy – Page Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

6.5CVSS5.8AI score0.00376EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-24799

Malware in sbrugna...

8.8CVSS8.4AI score0.01682EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-24797

Malware in sbrugna...

6.4CVSS5.5AI score0.00609EPSS
Exploits1References2
Rows per page
Query Builder