Skip to main content

Bricks

4 CVEs product

Monthly

CVE-2024-2297 HIGH This Week

The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

WordPress PHP RCE Privilege Escalation Bricks
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2024-4874 MEDIUM This Month

The Bricks Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.9.8 via the postId parameter due to missing validation on a user. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Bricks
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2022-3401 HIGH This Week

The Bricks theme for WordPress is vulnerable to remote code execution due to the theme allowing site editors to include executable code blocks in website content in versions 1.2 to 1.5.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE WordPress Bricks
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2022-3400 MEDIUM This Month

The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the bricks_save_post AJAX action in versions 1.0 to 1.5.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Bricks
NVD
CVSS 3.1
6.5
EPSS
0.6%
EPSS 0% CVSS 7.1
HIGH This Week

The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

WordPress PHP RCE +2
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The Bricks Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.9.8 via the postId parameter due to missing validation on a user. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Bricks
NVD
EPSS 2% CVSS 8.8
HIGH This Week

The Bricks theme for WordPress is vulnerable to remote code execution due to the theme allowing site editors to include executable code blocks in website content in versions 1.2 to 1.5.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE WordPress Bricks
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the bricks_save_post AJAX action in versions 1.0 to 1.5.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Bricks
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy