Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2021-38344

The Brizy Page Builder plugin <= 2.3.11 for WordPress was vulnerable to stored XSS by lower-privileged users such as a subscribers. It was possible to add malicious JavaScript to a page by modifying the request sent to update the page via the brizy_update_item AJAX action and adding JavaScript to the data parameter, which would be executed in the session of any visitor viewing or previewing the post or page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.0%
CVSS Severity
CVSS v3 Score 6.4
CVSS v2 Score 3.5
Products affected by CVE-2021-38344


Contact Us

Shodan ® - All rights reserved