Vulnerabilities > Brizy

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-27	CVE-2022-2041	Cross-site Scripting vulnerability in Brizy Brizy-Page Builder The Brizy WordPress plugin before 2.4.2 does not sanitise and escape some element content, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks network low complexity brizy CWE-79	5.4
2021-10-14	CVE-2021-38344	Unspecified vulnerability in Brizy Brizy-Page Builder The Brizy Page Builder plugin <= 2.3.11 for WordPress was vulnerable to stored XSS by lower-privileged users such as a subscribers. network low complexity brizy	5.4
2021-10-14	CVE-2021-38345	Incorrect Authorization vulnerability in Brizy Brizy-Page Builder The Brizy Page Builder plugin <= 2.3.11 for WordPress used an incorrect authorization check that allowed any logged-in user accessing any endpoint in the wp-admin directory to modify the content of any existing post or page created with the Brizy editor. network low complexity brizy CWE-863	6.5

Vulnerabilities > Brizy {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Brizy"}]}