3 matches found
CVE-2024-1165
The Brizy – Page Builder plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.39 via the 'id'. This makes it possible for authenticated attackers, with contributor-level access and above, to upload files to arbitrary locations on the server...
WordPress Brizy Plugin <= 2.4.40 is vulnerable to Directory Traversal
Software Brizy Type Plugin Vulnerable versions = 2.4.40 Fixed in 2.4.41 OWASP Top 10 A1: Broken Access Control Classification Directory Traversal CVE CVE-2024-1165 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID d07c7816cd90 Credits wesley wcraft Required privilege...
CVE-2024-1165
Brizy – Page Builder (WordPress)