2 matches found
CVE-2024-1940
The CVE-2024-1940 entry concerns Brizy – Page Builder for WordPress. Affected: Brizy Page Builder plugin for WordPress versions up to and including 2.4.41. Root cause: insufficient client-side input sanitization and output escaping in post content. Impact: Stored Cross-Site Scripting that can be ...
CVE-2024-1940 Brizy – Page Builder <= 2.4.41 - Authenticated(Contributor+) Stored Cross-Site Scripting
The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post content in all versions up to, and including, 2.4.41 due to insufficient input sanitization performed only on the client side and insufficient output escaping. This makes it possible for...