CVE-2026-32408 WordPress Brizy plugin <= 2.7.23 - Broken Access Control vulnerability

Missing Authorization vulnerability in themefusecom Brizy brizy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brizy: from n/a through = 2.7.23...

CVE-2026-32408 WordPress Brizy plugin <= 2.7.23 - Broken Access Control vulnerability

Missing Authorization vulnerability in themefusecom Brizy brizy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brizy: from n/a through = 2.7.23...

WordPress Brizy plugin <= 2.4.43 - Authenticated(Contributor+) Stored Cross-Site Scripting via Form Functionality vulnerability

AuthenticatedContributor+ Stored Cross-Site Scripting via Form Functionality vulnerability discovered by RandomRoot in WordPress Plugin Brizy versions = 2.4.43...

WordPress Brizy plugin <= 2.4.40 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Nikolas - mdr in WordPress Plugin Brizy versions = 2.4.40...

WordPress Brizy - Page Builder plugin <= 2.4.41 - Authenticated(Contributor+) Stored Cross-Site Scripting vulnerability

WordPress Brizy - Page Builder plugin = 2.4.41 - AuthenticatedContributor+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin Brizy versions = 2.4.41...

CVE-2025-58594 WordPress Brizy Plugin <= 2.7.12 - Broken Access Control Vulnerability

Missing Authorization vulnerability in themefusecom Brizy brizy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brizy: from n/a through = 2.7.12...

CVE-2025-32198 WordPress Brizy plugin <= 2.6.14 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themefusecom Brizy. This issue affects Brizy: from n/a through 2.6.14...

CVE-2025-26902 WordPress Brizy Pro plugin <= 2.6.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Brizy Brizy Pro allows Cross Site Request Forgery.This issue affects Brizy Pro: from n/a through 2.6.1...

CVE-2025-26901

CVE-2025-26901 (Brizy Pro) is a Missing Authorization vulnerability affecting Brizy Pro versions up to 2.6.1, per Wordfence coverage referencing the Brizy Pro entry. The issue stems from incorrectly configured access control security levels, enabling unauthorized actions without authentication or...

WordPress Brizy – Page Builder plugin <= 2.6.8 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by Francesco Carlucci in WordPress Plugin Brizy versions = 2.6.8...

WordPress Brizy plugin <= 2.6.4 - Authenticated (Contributor+) Arbitrary File Upload via storeUploads vulnerability

Authenticated Contributor+ Arbitrary File Upload via storeUploads vulnerability discovered by stealthcopter in WordPress Plugin Brizy versions = 2.6.4...

WordPress Brizy – Page Builder plugin <= 2.5.1 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Xetnus in WordPress Plugin Brizy versions = 2.5.1...

WordPress Brizy – Page Builder plugin <= 2.4.44 - Authenticated (Contributor+) Arbitrary File Upload vulnerability

Authenticated Contributor+ Arbitrary File Upload vulnerability discovered by stealthcopter in WordPress Plugin Brizy versions = 2.4.44...

WordPress Brizy Plugin <= 2.4.44 is vulnerable to Arbitrary File Upload

Software Brizy Type Plugin Vulnerable versions = 2.4.44 Fixed in 2.4.45 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-3242 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID cefdc004eccb Credits stealthcopter Required privilege Contributor...

WordPress Brizy Plugin <= 2.4.44 is vulnerable to Broken Access Control

Software Brizy Type Plugin Vulnerable versions = 2.4.44 Fixed in 2.4.45 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1937 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 5274a9cc7b66 Credits stealthcopter Required privilege...

WordPress Brizy – Page Builder plugin <= 2.4.43 - Unauthenticated Stored Cross-Site Scripting via Form vulnerability

Unauthenticated Stored Cross-Site Scripting via Form vulnerability discovered by wesley wcraft in WordPress Plugin Brizy versions = 2.4.43...

WordPress Brizy Plugin <= 2.4.43 is vulnerable to Cross Site Scripting (XSS)

Software Brizy Type Plugin Vulnerable versions = 2.4.43 Fixed in 2.4.44 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3667 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID cff58ae2952e Credits Webbernaut Required privilege...

WordPress Brizy Plugin <= 2.4.43 is vulnerable to Broken Access Control

Software Brizy Type Plugin Vulnerable versions = 2.4.43 Fixed in 2.4.44 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3711 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 6a9b9ee44fc3 Credits Lucio Sá Required privilege Contributo...

WordPress Plugin Brizy Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress Brizy Plugin <= 2.4.40 is vulnerable to Arbitrary File Upload

Software Brizy Type Plugin Vulnerable versions = 2.4.40 Fixed in 2.4.41 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-1311 Patch priority Low CVSS severity Low 9.9 Developer Claim ownership PSID 24df97dffee9 Credits stealthcopter Required privilege Contributor...