CVE-2026-5324 - Brizy – Page Builder <= 2.8.11 - Unauthenticated Stored Cross-Site Scripting via FileUpload Field Value
CVE ID :CVE-2026-5324 Published : May 2, 2026, 9:16 a.m. | 51 minutes ago Description :The Brizy – Page Builder plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in all versions up to, and including, 2.8.11 This is due to a combination of missing nonce verificat
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Undead co-op shooters, gorgeous hack-and-slash action and other new indie games worth checking out
- [CYBER] New Bluekit Phishing Kit Features AI Assistant
- [CYBER] Op Ed: When it comes to cybersecurity, AI is our best hope in a profession that generally lacks hope
- [CYBER] CVE-2026-7611 - TRENDnet TEW-821DAP Firmware Update cameo_dev.sh platform_do_upgrade_cameo_dev data authenticity
- [CYBER] İranlı Gruptan Ubuntu’ya Saldırı
- [CYBER] CVE-2026-5077 - Total <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title in Blog Section Image alt Attribute