Threat Encyclopedia

WordPress.Brizy.Page.Builder.Plugin.Embed.Text.Stored.XSS

description-logoDescription

This indicates an attack attempt to exploit a Cross-Site Scripting vulnerability in Brizy Page Builder plugin for WordPress.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application while handling maliciously crafted requests. A remote attacker may be able to exploit this to execute arbitrary script code.

affected-products-logoAffected Products

Brizy Page Builder Plugin 2.4.1 and below

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary script code in the context of the affected site.

recomended-action-logoRecommended Actions

Upgrade to Brizy Page Builder 2.4.2 or higher.
https://wordpress.org/plugins/brizy/

Telemetry logoTelemetry