📦 Brizy

The Brizy Page Builder WordPress plugin allows authenticated users with Contributor-level access or higher to upload arbitrary files due to missing file type validation. This vulnerability can lead to...

This vulnerability allows attackers to inject malicious scripts into Brizy Pro WordPress plugin pages through improper input sanitization. When exploited, it enables reflected cross-site scripting att...

The Brizy Page Builder WordPress plugin allows authenticated attackers with contributor-level access or higher to upload arbitrary files due to insufficient file extension validation. This vulnerabili...

The Brizy Page Builder WordPress plugin has an authorization bypass vulnerability that allows authenticated users with contributor-level access or higher to modify any published post content. This can...

The Brizy Page Builder WordPress plugin has a stored XSS vulnerability in its 'Link To' field across multiple widgets. Authenticated attackers with contributor-level access or higher can inject malici...

The Brizy Page Builder WordPress plugin has a stored XSS vulnerability that allows authenticated attackers with contributor-level access or higher to inject malicious scripts into pages. These scripts...

The Brizy Page Builder WordPress plugin allows authenticated attackers with contributor-level access or higher to upload arbitrary files due to missing file type validation. This vulnerability can lea...

The Brizy WordPress plugin up to version 1.0.125 contains an authorization bypass vulnerability due to an incorrect capability check in the is_administrator() function. This allows authenticated attac...

The Brizy Page Builder WordPress plugin has an unauthenticated file upload vulnerability that allows attackers to upload .TXT files to the server. This affects all WordPress sites using Brizy Page Bui...

This is a cross-site scripting (XSS) vulnerability in the Brizy WordPress plugin that allows attackers to inject malicious scripts into web pages. It affects all Brizy plugin versions up to 2.6.14, po...

This CVE describes a missing authorization vulnerability in Brizy Pro WordPress plugin that allows attackers to bypass access controls. It affects all Brizy Pro installations up to version 2.6.1, pote...

The Brizy Page Builder WordPress plugin has a stored XSS vulnerability that allows authenticated attackers with Author-level access or higher to upload malicious SVG files containing JavaScript. When ...

The Brizy Page Builder WordPress plugin has a CSRF vulnerability that allows attackers to trick administrators into submitting malicious forms. This affects all versions up to 2.5.1. When unfiltered_h...

The Brizy Page Builder WordPress plugin has a stored XSS vulnerability that allows authenticated attackers with contributor-level permissions or higher to inject malicious scripts into pages. These sc...

The Brizy Page Builder WordPress plugin has a missing capability check vulnerability that allows authenticated users with contributor-level access or higher to modify plugin settings. Attackers can en...