cbcvebase.

Cloudways Breeze vulnerabilities

6 known vulnerabilities affecting cloudways/breeze.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
2
Severity breakdown
MEDIUM6

Vulnerabilities

Page 1 of 1
CVE-2022-29444P2MEDIUMCVSS 5.4Exploitedfixed in 2.0.3≤ 2.0.22022-05-02
CVE-2022-29444 [MEDIUM] CWE-79 CVE-2022-29444: Plugin Settings Change leading to Cross-Site Scripting (XSS) vulnerability in Cloudways Breeze plugi Plugin Settings Change leading to Cross-Site Scripting (XSS) vulnerability in Cloudways Breeze plugin <= 2.0.2 on WordPress allows users with a subscriber or higher user role to execute any of the wp_ajax_* actions in the class Breeze_Configuration which includes the ability to change any of the plugin's settings including CDN setting which could be
nvd
CVE-2024-27188P2MEDIUMCVSS 5.9Exploited≤ 2.1.32024-03-27
CVE-2024-27188 [MEDIUM] CWE-79 CVE-2024-27188: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cloudways Breeze breeze.This issue affects Breeze: from n/a through <= 2.1.3.
nvd
CVE-2025-69364P4MEDIUMCVSS 5.3≤ 2.2.212026-01-06
CVE-2025-69364 [MEDIUM] CWE-862 CVE-2025-69364: Missing Authorization vulnerability in Cloudways Breeze breeze allows Exploiting Incorrectly Configu Missing Authorization vulnerability in Cloudways Breeze breeze allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze: from n/a through <= 2.2.21.
nvd
CVE-2024-50422P4MEDIUMCVSS 5.3≤ 2.1.142024-10-29
CVE-2024-50422 [MEDIUM] CWE-862 CVE-2024-50422: Missing Authorization vulnerability in Cloudways Breeze breeze allows Exploiting Incorrectly Configu Missing Authorization vulnerability in Cloudways Breeze breeze allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze: from n/a through <= 2.1.14.
nvd
CVE-2025-23999P4MEDIUMCVSS 4.3≤ 2.2.132025-06-18
CVE-2025-23999 [MEDIUM] CWE-862 CVE-2025-23999: Missing Authorization vulnerability in Cloudways Breeze breeze allows Exploiting Incorrectly Configu Missing Authorization vulnerability in Cloudways Breeze breeze allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze: from n/a through <= 2.2.13.
nvd
CVE-2024-50431P4MEDIUMCVSS 5.9≤ 2.1.142024-10-28
CVE-2024-50431 [MEDIUM] CWE-79 CVE-2024-50431: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cloudways Breeze breeze allows Stored XSS.This issue affects Breeze: from n/a through <= 2.1.14.
nvd
Cloudways Breeze vulnerabilities | cvebase