CVE-2024-3711P4MEDIUMCVSS 4.3≤ 2.4.432024-05-23
CVE-2024-3711 [MEDIUM] CWE-862 CVE-2024-3711: The Brizy – Page Builder plugin for WordPress is vulnerable to unauthorized plugin setting update du
The Brizy – Page Builder plugin for WordPress is vulnerable to unauthorized plugin setting update due to a missing capability check on the functions action_request_disable, action_change_template, and action_request_enable in all versions up to, and including, 2.4.43. This makes it possible for authenticated attackers, with contributor access or above
nvd