CVE-2020-36714
Brizy < 1.0.126 - Authorization Bypass to Settings Updates
The Brizy plugin for WordPress is vulnerable to authorization bypass due to a incorrect capability check on the is_administrator() function in versions up to, and including, 1.0.125. This makes it possible for authenticated attackers to access and interact with available AJAX functions.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Produtos afetados
themefusecom · Brizy – Page BuilderQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →