Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2025/07/29 4:23 a.m.2 views

CVE-2025-6495 Bricks Builder <= 1.12.4 - Unauthenticated SQL Injection via `p` Parameter

The Bricks theme for WordPress is vulnerable to blind SQL Injection via the ‘p’ parameter in all versions up to, and including, 1.12.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticat...

7.5CVSS7.2AI score0.00436EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/29 4:23 a.m.13 views

CVE-2025-6495 Bricks Builder <= 1.12.4 - Unauthenticated SQL Injection via `p` Parameter

The Bricks theme for WordPress is vulnerable to blind SQL Injection via the ‘p’ parameter in all versions up to, and including, 1.12.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticat...

7.5CVSS0.00436EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/07/28 12:0 a.m.6 views

WordPress Bricks Builder Theme <= 1.12.4 is vulnerable to SQL Injection

Software Bricks Builder Type Theme Vulnerable versions = 1.12.4 Fixed in 2.0 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2025-6495 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID a75c4498f744 Credits Jamie Burchell Required privilege Unauthenticated...

7.5CVSS6.5AI score0.00436EPSS
Exploits0References2Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2025/07/28 12:0 a.m.5 views

VulnCheck KEV: CVE-2025-6495

The Bricks theme for WordPress is vulnerable to blind SQL Injection via the ‘p’ parameter in all versions up to, and including, 1.12.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticat...

7.5CVSS5.9AI score0.00436EPSS
In wildExploits0References2
Rows per page
Query Builder