Vulnerabilities > Brizy > Brizy Page Builder > Low

DATE CVE VULNERABILITY TITLE RISK
2022-06-27 CVE-2022-2041 Cross-site Scripting vulnerability in Brizy Brizy-Page Builder
The Brizy WordPress plugin before 2.4.2 does not sanitise and escape some element content, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks
network
brizy CWE-79
3.5
3.5
2022-06-27 CVE-2022-2040 Cross-site Scripting vulnerability in Brizy Brizy-Page Builder
The Brizy WordPress plugin before 2.4.2 does not sanitise and escape some element URL, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks
network
brizy CWE-79
3.5
3.5
2021-10-14 CVE-2021-38344 Cross-site Scripting vulnerability in Brizy Brizy-Page Builder
The Brizy Page Builder plugin <= 2.3.11 for WordPress was vulnerable to stored XSS by lower-privileged users such as a subscribers.
network
brizy CWE-79
3.5
3.5