[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fZYa6P_Bj1Q0f50DlpNb-yX7gcazAN-bCiXyTSoyMrdc":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"WF-ba98a282-39ee-4a84-b988-ecfc0c4cd297-brizy","brizy-page-builder-missing-authorization-to-settings-update","Brizy - Page Builder \u003C 1.0.114 - Missing Authorization to Settings Update","The Brizy - Page Builder plugin for WordPress is vulnerable to authorization bypass due to a missing capability check and direct file access to \u002Fbrizy\u002Fadmin\u002Fsite-settings.php in versions up to 1.0.114. This makes it possible for unauthenticated attackers to access the settings page and make modifications to the site's settings. This could be used to inject XSS.","brizy",null,"\u003C1.0.114","1.0.114","medium",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:L","Missing Authorization","2020-03-05 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fba98a282-39ee-4a84-b988-ecfc0c4cd297?source=api-prod",1419]