Browse all 7 CVE security advisories affecting Bricks Builder. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Bricks Builder is a WordPress page builder plugin enabling visual website construction through drag-and-drop functionality. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues. The plugin's complex architecture and extensive use of shortcodes have contributed to security risks. With seven CVEs documented, common weaknesses include insufficient input validation and improper access controls. While no major public incidents have been widely reported, the consistent discovery of critical vulnerabilities suggests potential risks for unpatched installations. Regular updates and proper input sanitization remain essential for maintaining security when using this tool.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-6495 | Bricks Builder <= 1.12.4 - Unauthenticated SQL Injection via `p` Parameter — Bricks (CWE-89) | 7.5 | High | 2025-07-29 |
| CVE-2024-2297 | Bricksbuilder <= 1.9.6.1 - Authenticated (Contributor+) Privilege Escalation via create_autosave — Bricks (CWE-269) | 7.1 | High | 2025-02-27 |
| CVE-2023-3410 | Bricks <= 1.10.1 - Authenticated (Bricks Page Builder Access+) Stored Cross-Site Scripting — Bricks (CWE-79) | 5.4 | Medium | 2024-09-14 |
| CVE-2023-3408 | Bricks <= 1.8.1 - Cross-Site Request Forgery via save_settings — Bricks (CWE-352) | 4.3 | Medium | 2024-08-17 |
| CVE-2023-3409 | Bricks <= 1.8.1 - Cross-Site Request Forgery via reset_settings — Bricks (CWE-352) | 5.4 | Medium | 2024-08-17 |
| CVE-2022-3401 | WordPress theme Bricks code injection vulnerability — Bricks | 8.8 | High | 2022-10-28 |
| CVE-2022-3400 | WordPress theme Bricks security vulnerability — Bricks | 6.5 | Medium | 2022-10-28 |
This page lists every published CVE security advisory associated with Bricks Builder. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.