Vulnerabilities

CVE-2024-1165

by Fred · 26/02/2024

The Brizy – Page Builder plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.39 via the ‘id’. This makes it possible for authenticated attackers, with contributor-level access and above, to upload files to arbitrary locations on the server

More information : https://plugins.trac.wordpress.org/browser/brizy/tags/2.4.39/editor/screenshot/manager.php#L33

Attack vector :
Attack complexity :
Privileges required :
User interaction :
Confidentiality impact :
Integrity impact :
Base score :
Base severity :
Exploitability score :
Impact score :

Similar

Tags: Cybersecurity Alert