Brizy

themefusecom

Developer

2.8.9

Latest version

70,000

Installations

No date

Last updated

WordPress Plugin

Active VDP

Report vulnerability

Vulnerabilities

Security Policy

Security Contributors

Vulnerability history

0 present

31 patched

6 Mitigation rules

Broken Access Control vulnerability
<= 2.7.23
22/02/2026
Authenticated(Contributor+) Stored Cross-Site Scripting via Form Functionality vulnerability
<= 2.4.43
03/02/2026
WordPress Brizy - Page Builder plugin <= 2.4.43 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Attributes vulnerability
<= 2.4.43
03/02/2026
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
<= 2.4.40
03/02/2026
WordPress Brizy - Page Builder plugin <= 2.4.41 - Authenticated(Contributor+) Stored Cross-Site Scripting vulnerability
<= 2.4.41
02/02/2026
Authenticated (Contributor+) Sensitive Information Exposure via get_users Function vulnerability
<= 2.7.16
13/12/2025
Broken Access Control Vulnerability
<= 2.7.12
03/09/2025
Missing Authorization to Unauthenticated Limited File Upload vulnerability
<= 2.6.20
28/07/2025
Cross Site Scripting (XSS) vulnerability
<= 2.7.7
04/04/2025
Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability
<= 2.6.8
12/02/2025
Authenticated (Contributor+) Arbitrary File Upload via storeUploads vulnerability
<= 2.6.4
12/02/2025
Cross-Site Request Forgery vulnerability
<= 2.5.1
08/08/2024
Authenticated (Contributor+) Arbitrary File Upload vulnerability
<= 2.4.44
18/07/2024
Missing Authorization to Authenticated (Contributor+) Post Modification vulnerability
<= 2.4.44
16/07/2024
Multiple Authenticated (Contributor+) Store Cross-Site Scripting vulnerability
<= 2.4.43
05/06/2024
Unauthenticated Stored Cross-Site Scripting via Form vulnerability
<= 2.4.43
05/06/2024
Missing Authorization vulnerability
<= 2.4.43
23/05/2024
Authenticated (Contributor+) Directory Traversal vulnerability
<= 2.4.40
26/02/2024
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
<= 2.4.40
26/02/2024
Authenticated (Contributor+) Arbitrary File Upload vulnerability
<= 2.4.40
26/02/2024
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
<= 2.4.40
26/02/2024
Cross Site Scripting (XSS) vulnerability
<= 2.4.29
26/12/2023
Cross-Site Scripting vulnerability
< 2.4.30
09/11/2023
IP Address Spoofing to Protection Mechanism Bypass vulnerability
<= 2.4.18
31/05/2023
Authenticated Stored Cross-Site Scripting (XSS) vulnerability via Element URL
<= 2.4.1
21/06/2022
Authenticated Stored Cross-Site Scripting (XSS) via Element Content
<= 2.4.1
21/06/2022
Incorrect authorization checks allowing Post modification vulnerability
<= 2.3.11
13/10/2021
Authenticated Stored Cross-Site Scripting (XSS) vulnerability
<= 2.3.11
13/10/2021
Authenticated File Upload and Path Traversal vulnerability
<= 2.3.11
13/10/2021
Broken Access Control vulnerability
<= 1.0.125
10/06/2020
Unauthenticated Site Settings Update vulnerability
<= 1.0.113
05/03/2020