CVE-2024-1293

The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the embedded media custom block in all versions up to, and including, 2.4.40 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-1291

The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown URL parameter in all versions up to, and including, 2.4.40 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor...

WordPress Plugin Brizy Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress Plugin Brizy Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress Plugin Brizy Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2024-17831 · WordPress · Brizy

Name of the Vulnerable Software and Affected Versions: Brizy – Page Builder plugin for WordPress versions up to, and including, 2.4.40 Description: The issue is related to Stored Cross-Site Scripting via the plugin's block upload due to insufficient input sanitization and output escaping on...

PT-2024-17793 · WordPress · Brizy – Page Builder

Name of the Vulnerable Software and Affected Versions: The Brizy – Page Builder plugin for WordPress versions up to, and including, 2.4.40 Description: The issue is related to Stored Cross-Site Scripting via the Countdown URL parameter due to insufficient input sanitization and output escaping...

WordPress Brizy Plugin <= 2.4.40 is vulnerable to Cross Site Scripting (XSS)

Software Brizy Type Plugin Vulnerable versions = 2.4.40 Fixed in 2.4.41 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1291 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ede9cd10d43f Credits 0liveira Required privilege...

Debian DSA-3868-1 : openldap - security update

Karsten Heymann discovered that the OpenLDAP directory server can be crashed by performing a paged search with a page size of 0, resulting in denial of service. This vulnerability is limited to the MDB storage backend. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

openldap security update

CentOS Errata and Security Advisory CESA-2015:2131 Updated openldap packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerabili...

OpenLDAP Double Release Vulnerability

OpenLDAP is an open source Lightweight Directory Access Protocol LDAP implementation. A double-release vulnerability in OpenLDAP 2.4.40 allows remote attackers to launch a denial of service attack via a matching value-controlled search query...