CVE-2025-26901

Medium CVSS: 4.3

Missing Authorization vulnerability in Brizy Brizy Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brizy Pro: from n/a through 2.6.1.

Vendor

Brizy

Product

Brizy

CWE

CWE-862

Yayın Tarihi

2025-04-09 20:15:26

Güncelleme

2025-08-07 18:09:33

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-862 Brizy MEDIUM Brizy 2025

Referanslar

https://patchstack.com/database/wordpress/plugin/brizy-pro/vulnerability/wordpress-brizy-pro-plugin-2-6-1-broken-access-control-vulnerability?_s_id=cve

Benzer Kayıtlar

Medium

CVE-2025-4370

The Brizy – Page Builder plugin for WordPress is vulnerable to limited file uploads due to missing authorization on proc…

Medium

CVE-2025-32198

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themefusecom Brizy…

Medium

CVE-2025-26902

Cross-Site Request Forgery (CSRF) vulnerability in Brizy Brizy Pro allows Cross Site Request Forgery.This issue affects…

Medium

CVE-2024-10322

The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads…

Critical

CVE-2024-10960

The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validatio…

High

CVE-2025-22763

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Brizy Pro…