Filtered by vendor Brizy
Subscribe
Total
9 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-51396 | 1 Brizy | 1 Brizy-page Builder | 2024-01-05 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brizy.Io Brizy – Page Builder allows Stored XSS.This issue affects Brizy – Page Builder: from n/a through 2.4.29. | |||||
| CVE-2020-36714 | 1 Brizy | 1 Brizy-page Builder | 2023-12-10 | N/A | 8.1 HIGH |
| The Brizy plugin for WordPress is vulnerable to authorization bypass due to a incorrect capability check on the is_administrator() function in versions up to, and including, 1.0.125. This makes it possible for authenticated attackers to access and interact with available AJAX functions. | |||||
| CVE-2023-2897 | 1 Brizy | 1 Brizy | 2023-12-10 | N/A | 5.3 MEDIUM |
| The Brizy Page Builder plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.4.18. This is due to an implicit trust of user-supplied IP addresses in an 'X-Forwarded-For' HTTP header for the purpose of validating allowed IP addresses against a Maintenance Mode whitelist. Supplying a whitelisted IP address within the 'X-Forwarded-For' header allows maintenance mode to be bypassed and may result in the disclosure of potentially sensitive information or allow access to restricted functionality. | |||||
| CVE-2022-2219 | 1 Brizy | 1 Unyson | 2023-12-10 | N/A | 7.2 HIGH |
| The Unyson WordPress plugin before 2.7.27 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting | |||||
| CVE-2022-2041 | 1 Brizy | 1 Brizy-page Builder | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
| The Brizy WordPress plugin before 2.4.2 does not sanitise and escape some element content, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks | |||||
| CVE-2022-2040 | 1 Brizy | 1 Brizy-page Builder | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
| The Brizy WordPress plugin before 2.4.2 does not sanitise and escape some element URL, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks | |||||
| CVE-2021-38344 | 1 Brizy | 1 Brizy-page Builder | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
| The Brizy Page Builder plugin <= 2.3.11 for WordPress was vulnerable to stored XSS by lower-privileged users such as a subscribers. It was possible to add malicious JavaScript to a page by modifying the request sent to update the page via the brizy_update_item AJAX action and adding JavaScript to the data parameter, which would be executed in the session of any visitor viewing or previewing the post or page. | |||||
| CVE-2021-38346 | 1 Brizy | 1 Brizy-page Builder | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
| The Brizy Page Builder plugin <= 2.3.11 for WordPress allowed authenticated users to upload executable files to a location of their choice using the brizy_create_block_screenshot AJAX action. The file would be named using the id parameter, which could be prepended with "../" to perform directory traversal, and the file contents were populated via the ibsf parameter, which would be base64-decoded and written to the file. While the plugin added a .jpg extension to all uploaded filenames, a double extension attack was still possible, e.g. a file named shell.php would be saved as shell.php.jpg, and would be executable on a number of common configurations. | |||||
| CVE-2021-38345 | 1 Brizy | 1 Brizy-page Builder | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| The Brizy Page Builder plugin <= 2.3.11 for WordPress used an incorrect authorization check that allowed any logged-in user accessing any endpoint in the wp-admin directory to modify the content of any existing post or page created with the Brizy editor. An identical issue was found by another researcher in Brizy <= 1.0.125 and fixed in version 1.0.126, but the vulnerability was reintroduced in version 1.0.127. | |||||