Vulnerabilities > Brizy > Brizy Page Builder > 2.3.37
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-29 | CVE-2023-51396 | Cross-site Scripting vulnerability in Brizy Brizy-Page Builder Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brizy.Io Brizy – Page Builder allows Stored XSS.This issue affects Brizy – Page Builder: from n/a through 2.4.29. | 5.4 |
2022-06-27 | CVE-2022-2040 | Cross-site Scripting vulnerability in Brizy Brizy-Page Builder The Brizy WordPress plugin before 2.4.2 does not sanitise and escape some element URL, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks | 3.5 |
2022-06-27 | CVE-2022-2041 | Cross-site Scripting vulnerability in Brizy Brizy-Page Builder The Brizy WordPress plugin before 2.4.2 does not sanitise and escape some element content, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks | 3.5 |