Brizy Security Vulnerabilities and Issues — Brizy CVE List

Lucene search

BrizyBrizy

5 matches found

CVE•added 2025/04/09 8:15 p.m.•52 views

CVE-2025-26901

Missing Authorization vulnerability in Brizy Brizy Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brizy Pro: from n/a through 2.6.1.

8.8CVSS4.7AI score0.00047EPSS

CVE•added 2024/03/13 4:15 p.m.•42 views

CVE-2024-1311

The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the storeImages function in all versions up to, and including, 2.4.40. This makes it possible for authenticated attackers, with contributor access or above, to upload arbitra...

8.8CVSS9.2AI score0.09631EPSS

CVE•added 2025/04/09 8:15 p.m.•42 views

CVE-2025-26902

Cross-Site Request Forgery (CSRF) vulnerability in Brizy Brizy Pro allows Cross Site Request Forgery.This issue affects Brizy Pro: from n/a through 2.6.1.

8.8CVSS4.7AI score0.00014EPSS

CVE•added 2023/10/20 8:15 a.m.•34 views

CVE-2020-36714

The Brizy plugin for WordPress is vulnerable to authorization bypass due to a incorrect capability check on the is_administrator() function in versions up to, and including, 1.0.125. This makes it possible for authenticated attackers to access and interact with available AJAX functions.

8.1CVSS7.7AI score0.00143EPSS

CVE•added 2024/07/18 9:15 a.m.•28 views

CVE-2024-3242

The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension validation in the validateImageContent function called via storeImages in all versions up to, and including, 2.4.43. This makes it possible for authenticated attackers, with contribut...

8.8CVSS8.9AI score0.07235EPSS