Multiple Vulnerabilities in Brizy Page Builder Plugin Allow Site Takeover

Wordfence


On August 19, 2021, the Wordfence Threat Intelligence team initiated the Responsible Disclosure process for Brizy – Page Builder, a WordPress plugin installed on over 90,000 sites.

During a routine review of our firewall rules, we found traffic indicating that a vulnerability might be present in the Brizy – Page Builder plugin, though it did not appear to be under active attack. This led us to discover two new vulnerabilities as well as a previously patched access control vulnerability in the plugin that had been reintroduced.

Both new vulnerabilities could be chained with the access control vulnerability to allow complete site takeover: one combination allowed any logged-in user to modify any published post and add malicious JavaScript to it, and a separate flaw allowed any logged-in user to upload potentially executable files and achieve remote code execution.
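The two flaw classes named above (a content-update endpoint that authorizes only on "logged in" rather than on the right to edit that specific post, and an upload endpoint that does not constrain file types) are common in WordPress plugins. The following is an added illustration of what a weak handler and a hardened handler look like using WordPress core APIs; it is not Brizy's code and does not reproduce the plugin's actual logic. The action names `example_save_content` and `example_upload`, the nonce names, and the request field names are hypothetical.

```php
<?php
// Added illustration, not Brizy's code. Action and field names are hypothetical.

// WEAK PATTERN: only checks that some user is logged in, so any subscriber-level
// account can rewrite any post, and unfiltered HTML (including <script>) is stored.
function example_save_content_weak() {
    if ( ! is_user_logged_in() ) {
        wp_send_json_error( 'not logged in', 401 );
    }
    wp_update_post( array(
        'ID'           => (int) $_POST['post_id'],
        'post_content' => $_POST['content'], // raw, unfiltered
    ) );
    wp_send_json_success();
}

// HARDENED PATTERN: CSRF nonce, per-post capability check, and HTML filtering
// for users who are not allowed to post unfiltered markup.
function example_save_content_hardened() {
    check_ajax_referer( 'example_save_content', 'nonce' );

    $post_id = isset( $_POST['post_id'] ) ? absint( $_POST['post_id'] ) : 0;
    if ( ! $post_id || ! current_user_can( 'edit_post', $post_id ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    $content = isset( $_POST['content'] ) ? wp_unslash( $_POST['content'] ) : '';
    // Without unfiltered_html, markup is reduced to the post-safe allowlist.
    if ( ! current_user_can( 'unfiltered_html' ) ) {
        $content = wp_kses_post( $content );
    }

    $result = wp_update_post( array(
        'ID'           => $post_id,
        'post_content' => $content,
    ), true );
    if ( is_wp_error( $result ) ) {
        wp_send_json_error( $result->get_error_message(), 500 );
    }
    wp_send_json_success( array( 'post_id' => $post_id ) );
}
add_action( 'wp_ajax_example_save_content', 'example_save_content_hardened' );

// HARDENED UPLOAD: require the upload capability, restrict to an explicit MIME
// allowlist, and let WordPress verify extension and content rather than trusting
// the client-supplied file name or Content-Type.
function example_handle_upload_hardened() {
    check_ajax_referer( 'example_upload', 'nonce' );

    if ( ! current_user_can( 'upload_files' ) || empty( $_FILES['file'] ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    $allowed = array(
        'jpg|jpeg|jpe' => 'image/jpeg',
        'png'          => 'image/png',
    );
    $check = wp_check_filetype_and_ext(
        $_FILES['file']['tmp_name'],
        $_FILES['file']['name'],
        $allowed
    );
    if ( empty( $check['ext'] ) || empty( $check['type'] ) ) {
        wp_send_json_error( 'file type not allowed', 415 );
    }

    if ( ! function_exists( 'wp_handle_upload' ) ) {
        require_once ABSPATH . 'wp-admin/includes/file.php';
    }
    // 'mimes' re-applies the allowlist inside core's upload handling.
    $moved = wp_handle_upload( $_FILES['file'], array( 'test_form' => false, 'mimes' => $allowed ) );
    if ( isset( $moved['error'] ) ) {
        wp_send_json_error( $moved['error'], 400 );
    }
    wp_send_json_success( array( 'url' => $moved['url'] ) );
}
add_action( 'wp_ajax_example_upload', 'example_handle_upload_hardened' );
```

The difference between the weak and hardened save handlers is the one an audit looks for: `is_user_logged_in()` answers "who are you?" but not "may you edit this post?", which is what `current_user_can( 'edit_post', $post_id )` decides. For uploads, an explicit `mimes` allowlist means a renamed PHP file fails `wp_check_filetype_and_ext()` regardless of the `Content-Type` the client sends.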

We received a response to our initial disclosure and sent over the full disclosure the same day, on August 19, 2021. A patched version of the Brizy – Page Builder plugin, 2.3.12, was released on August

Read More: https://www.wordfence.com/blog/2021/10/multiple-vulnerabilities-in-brizy-page-builder-plugin-allow-site-takeover/