WordPress plugin Brizy 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CVE-2026-32408 WordPress Brizy plugin <= 2.7.23 - Broken Access Control vulnerability

Missing Authorization vulnerability in themefusecom Brizy brizy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brizy: from n/a through = 2.7.23...

CVE-2026-32408

The CVE concerns WordPress Brizy plugin (Brizy) with versions

CVE-2026-32408 WordPress Brizy plugin <= 2.7.23 - Broken Access Control vulnerability

Missing Authorization vulnerability in themefusecom Brizy brizy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brizy: from n/a through = 2.7.23...

WordPress plugin Brizy 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

WordPress Brizy plugin <= 2.4.43 - Authenticated(Contributor+) Stored Cross-Site Scripting via Form Functionality vulnerability

AuthenticatedContributor+ Stored Cross-Site Scripting via Form Functionality vulnerability discovered by RandomRoot in WordPress Plugin Brizy versions = 2.4.43...

WordPress Brizy plugin <= 2.4.40 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Nikolas - mdr in WordPress Plugin Brizy versions = 2.4.40...

CVE-2024-2087

The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form name values in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

EUVD-2020-24156

Malware in sbrugna...

EUVD-2024-27051

Malicious code in bioql PyPI...

EUVD-2024-32242

Malicious code in bioql PyPI...

EUVD-2024-17052

Malicious code in bioql PyPI...

CVE-2025-58594 WordPress Brizy Plugin <= 2.7.12 - Broken Access Control Vulnerability

Missing Authorization vulnerability in themefusecom Brizy brizy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brizy: from n/a through = 2.7.12...

WordPress plugin Brizy 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2025-4370 Brizy <= 2.6.20 - Missing Authorization to Unauthenticated Limited File Upload

The Brizy – Page Builder plugin for WordPress is vulnerable to limited file uploads due to missing authorization on processexternalasseturls function as well as missing path validation in storefile function in all versions up to, and including, 2.6.20. This makes it possible for unauthenticated...

CVE-2025-4370 Brizy <= 2.6.20 - Missing Authorization to Unauthenticated Limited File Upload

The Brizy – Page Builder plugin for WordPress is vulnerable to limited file uploads due to missing authorization on processexternalasseturls function as well as missing path validation in storefile function in all versions up to, and including, 2.6.20. This makes it possible for unauthenticated...

WordPress plugin Brizy 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Brizy plugin <= 2.6.20 - Missing Authorization to Unauthenticated Limited File Upload vulnerability

Missing Authorization to Unauthenticated Limited File Upload vulnerability discovered by mikemyers in WordPress Plugin Brizy versions = 2.6.20...

CVE-2024-1291

The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown URL parameter in all versions up to, and including, 2.4.40 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor...

CVE-2024-1296

The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's block upload in all versions up to, and including, 2.4.40 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...