Brizy-page Builder Security Vulnerabilities and Issues — Brizy-page Builder CVE List

Lucene search

BrizyBrizy-page Builder

6 matches found

CVE•added 2021/10/14 4:15 p.m.•49 views

CVE-2021-38344

The Brizy Page Builder plugin

6.4CVSS5.4AI score0.00171EPSS

CVE•added 2024/06/05 6:15 a.m.•48 views

CVE-2024-1940

The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post content in all versions up to, and including, 2.4.41 due to insufficient input sanitization performed only on the client side and insufficient output escaping. This makes it possible for authenticate...

7.1CVSS5.5AI score0.00104EPSS

CVE•added 2021/10/14 4:15 p.m.•47 views

CVE-2021-38345

The Brizy Page Builder plugin <= 2.3.11 for WordPress used an incorrect authorization check that allowed any logged-in user accessing any endpoint in the wp-admin directory to modify the content of any existing post or page created with the Brizy editor. An identical issue was found by another r...

7.1CVSS6.5AI score0.00421EPSS

CVE•added 2021/10/14 4:15 p.m.•44 views

CVE-2021-38346

The Brizy Page Builder plugin

8.8CVSS8.6AI score0.01688EPSS

CVE•added 2024/03/13 4:15 p.m.•41 views

CVE-2024-1311

The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the storeImages function in all versions up to, and including, 2.4.40. This makes it possible for authenticated attackers, with contributor access or above, to upload arbitra...

8.8CVSS9.2AI score0.07329EPSS

CVE•added 2024/07/18 9:15 a.m.•27 views

CVE-2024-3242

The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension validation in the validateImageContent function called via storeImages in all versions up to, and including, 2.4.43. This makes it possible for authenticated attackers, with contribut...

8.8CVSS8.9AI score0.02854EPSS