Browse all 4 CVE security advisories affecting Brizy.io. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Brizy.io is a WordPress page builder enabling users to create websites through drag-and-drop functionality. Historically, the platform has been susceptible to multiple security vulnerabilities, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws. These issues have allowed attackers to execute arbitrary code, inject malicious scripts, or gain unauthorized administrative access. The platform currently has four CVEs on record, highlighting ongoing security challenges. While no major public incidents have been widely documented, the recurring nature of these vulnerabilities suggests potential risks for users who fail to maintain timely updates and implement proper security hardening measures.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-51396 | WordPress Brizy – Page Builder Plugin <= 2.4.29 is vulnerable to Cross Site Scripting (XSS) — Brizy – Page BuilderCWE-79 | 6.5 | Medium | 2023-12-29 |
| CVE-2021-38346 | Brizy <= 2.3.11 Authenticated Unrestricted File Upload and Path Traversal — Brizy - Page BuilderCWE-79 | 8.8 | High | 2021-10-14 |
| CVE-2021-38345 | Brizy <= 1.0.125 and 1.0.127 – 2.3.11 Incorrect authorization checks allowing Post modification — Brizy - Page BuilderCWE-79 | 7.1 | High | 2021-10-14 |
| CVE-2021-38344 | Brizy <= 2.3.11 Authenticated Stored Cross-Site Scripting — Brizy - Page BuilderCWE-79 | 6.4 | Medium | 2021-10-14 |
This page lists every published CVE security advisory associated with Brizy.io. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.