Lucene search
K

5 matches found

Prion
Prion
added 2022/10/28 7:15 p.m.14 views

Authorization

The Bricks theme for WordPress is vulnerable to remote code execution due to the theme allowing site editors to include executable code blocks in website content in versions 1.2 to 1.5.3. This, combined with the missing authorization vulnerability CVE-2022-3400, makes it possible for authenticate...

6.5CVSS7AI score0.01556EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2022/10/28 6:12 p.m.21 views

CVE-2022-3401

The Bricks theme for WordPress is vulnerable to remote code execution due to the theme allowing site editors to include executable code blocks in website content in versions 1.2 to 1.5.3. This, combined with the missing authorization vulnerability CVE-2022-3400, makes it possible for authenticate...

8.8CVSS7.7AI score0.01556EPSS
Exploits1References2
NVD
NVD
added 2022/10/28 5:15 p.m.18 views

CVE-2022-3400

The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the brickssavepost AJAX action in versions 1.0 to 1.5.3. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to edit any page, post, or template...

6.5CVSS0.00618EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/10/28 4:57 p.m.11 views

CVE-2022-3400

The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the brickssavepost AJAX action in versions 1.0 to 1.5.3. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to edit any page, post, or template...

6.5CVSS7.2AI score0.00618EPSS
Exploits1References2
CVE
CVE
added 2022/10/28 4:57 p.m.56 views

CVE-2022-3400

The Bricks theme for WordPress (versions 1.0–1.5.3) is vulnerable to an authorization bypass due to a missing capability check on the bricks_save_post AJAX action. This allows authenticated users with minimal rights (e.g., a subscriber) to edit any page, post, or template on affected sites. Relat...

6.5CVSS6.3AI score0.00618EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder