Vulnerabilities > Bricksbuilder

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-22	CVE-2024-4874	Authorization Bypass Through User-Controlled Key vulnerability in Bricksbuilder Bricks The Bricks Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.9.8 via the postId parameter due to missing validation on a user controlled key. network low complexity bricksbuilder CWE-639	4.3
2022-10-28	CVE-2022-3401	Unspecified vulnerability in Bricksbuilder Bricks The Bricks theme for WordPress is vulnerable to remote code execution due to the theme allowing site editors to include executable code blocks in website content in versions 1.2 to 1.5.3. network low complexity bricksbuilder	8.8
2022-10-28	CVE-2022-3400	Missing Authorization vulnerability in Bricksbuilder Bricks The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the bricks_save_post AJAX action in versions 1.0 to 1.5.3. network low complexity bricksbuilder CWE-862	6.5

Vulnerabilities > Bricksbuilder {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Bricksbuilder"}]}