Brizy – Page Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Attributes and Widget Link To URL – CVE-2024-1161, CVE-2024-3667, CVE-2024-2087, CVE-2024-1164 | WordPress Plugin Vulnerability Report
Plugin Name: Brizy – Page Builder
Key Information:
- Software Type: Plugin
- Software Slug: brizy
- Software Status: Active
- Software Author: themefusecom
- Software Downloads: 4,689,320
- Active Installs: 80,000
- Last Updated: June 18, 2024
- Patched Versions: 2.4.44
- Affected Versions: <= 2.4.43
Vulnerability Details:
Vulnerability 1:
- Name: Brizy – Page Builder <= 2.4.43
- Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Attributes
- Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
- CVE: CVE-2024-1161
- CVSS Score: 6.4
- Publicly Published: June 4, 2024
- Researcher: Wesley
- Description: The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Custom Attributes for blocks in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
- References: Wordfence Report
Vulnerability 2:
- Name: Brizy – Page Builder <= 2.4.43
- Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Widget Link To URL
- Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
- CVE: CVE-2024-3667
- CVSS Score: 7.4
- Publicly Published: June 4, 2024
- Researcher: Webbernaut
- Description: The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Link To' field of multiple widgets in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
- References: Wordfence Report
Vulnerability 3:
- Name: Brizy – Page Builder <= 2.4.43
- Title: Unauthenticated Stored Cross-Site Scripting via Form
- Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
- CVE: CVE-2024-2087
- CVSS Score: 7.2
- Publicly Published: June 4, 2024
- Researcher: Wesley
- Description: The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form name values in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
- References: Wordfence Report
Vulnerability 4:
- Name: Brizy – Page Builder <= 2.4.43
- Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Form Functionality
- Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
- CVE: CVE-2024-1164
- CVSS Score: 6.4
- Publicly Published: June 4, 2024
- Researcher: RandomRoot
- Description: The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's contact form widget error message and redirect URL in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping on user supplied error messages. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Summary:
The Brizy – Page Builder plugin for WordPress has vulnerabilities in versions up to and including 2.4.43 that enable authenticated contributors and above to inject arbitrary web scripts via Custom Attributes, Widget Link To URL, form name values, and contact form error messages. These vulnerabilities have been patched in version 2.4.44.
Detailed Overview:
The vulnerabilities stem from inadequate input sanitization and output escaping mechanisms in various functionalities of the Brizy – Page Builder plugin. Attackers with contributor-level access or higher can exploit these flaws to inject malicious scripts into pages, potentially leading to site compromise, data theft, or malware distribution. To mitigate these risks, users are strongly advised to update to Brizy – Page Builder version 2.4.44 or later immediately.
Advice for Users:
Immediate Action: Update Brizy – Page Builder plugin to version 2.4.44 or later to secure your WordPress site against these vulnerabilities.
Check for Signs of Vulnerability: Monitor your website for any unusual activity, such as unexpected scripts executing on pages.
Alternate Plugins: Consider using alternative plugins that offer similar functionalities while awaiting the update to Brizy – Page Builder version 2.4.44.
Stay Updated: Regularly update all WordPress plugins to their latest versions to prevent vulnerabilities.
Conclusion:
The swift response from Brizy – Page Builder developers in releasing version 2.4.44 underscores the critical importance of timely updates for WordPress plugins. Users must prioritize updating to version 2.4.44 or newer to fortify their WordPress installations against potential exploits.
References:
- Wordfence Report on CVE-2024-1161
- Wordfence Report on CVE-2024-3667
- Wordfence Report on CVE-2024-2087
- Wordfence Report on CVE-2024-1164
Detailed Report:
In today's digital landscape, the security of your website is crucial to maintain trust and functionality. WordPress plugins, like Brizy – Page Builder, often enhance websites but can also introduce vulnerabilities that malicious actors exploit. Recently, several critical vulnerabilities have been identified in Brizy – Page Builder versions up to 2.4.43, potentially allowing attackers to inject harmful scripts.
Plugin Overview:
Brizy – Page Builder, developed by themefusecom, is a popular WordPress plugin known for its user-friendly page building capabilities. With over 80,000 active installs and millions of downloads, it offers extensive customization options for WordPress websites. However, the plugin has recently come under scrutiny due to vulnerabilities that compromise website security.
Vulnerability Details:
Vulnerability 1: Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Attributes
CVE-2024-1161 exposes a significant risk whereby authenticated users with contributor-level access or higher can inject malicious scripts through the Custom Attributes feature in Brizy – Page Builder. This flaw stems from inadequate input sanitization and output escaping, allowing attackers to execute arbitrary code on affected websites.
Vulnerability 2: Authenticated (Contributor+) Stored Cross-Site Scripting via Widget Link To URL
CVE-2024-3667 enables attackers to exploit the 'Link To' field in various widgets within Brizy – Page Builder. Authenticated contributors and above can inject malicious scripts, potentially altering website content and undermining its integrity.
Vulnerability 3: Unauthenticated Stored Cross-Site Scripting via Form
CVE-2024-2087 poses a risk where unauthenticated attackers can inject malicious scripts via form name values. This vulnerability, due to inadequate input sanitization, facilitates phishing attacks or malware distribution through compromised WordPress sites.
Vulnerability 4: Authenticated (Contributor+) Stored Cross-Site Scripting via Form Functionality
CVE-2024-1164 allows authenticated attackers to inject arbitrary scripts via error messages and redirect URLs in Brizy – Page Builder's contact form widget. This vulnerability, when exploited, can lead to unauthorized actions or compromise sensitive user data.
Risks and Potential Impacts:
These vulnerabilities expose WordPress site owners to severe risks, including unauthorized data access, website defacement, and potential legal liabilities. Exploitation could result in business downtime, financial losses, and damage to brand reputation, impacting customer trust and loyalty.
Remediating the Vulnerabilities:
To mitigate these risks, it is imperative to take immediate action:
- Update: Install the latest Brizy – Page Builder version (2.4.44 or newer) to patch these vulnerabilities.
- Monitor: Regularly check for unusual website behavior or unexpected script executions.
- Consider Alternatives: Temporarily switch to alternative plugins offering similar functionalities if immediate update isn't feasible.
- Stay Vigilant: Implement a proactive approach to plugin and theme updates to reduce exposure to future vulnerabilities.
Overview of Previous Vulnerabilities:
Since March 2020, Brizy – Page Builder has faced multiple vulnerabilities, highlighting the ongoing importance of robust security practices and timely updates for WordPress site owners.
Conclusion:
As a small business owner managing a WordPress website, maintaining security vigilance is paramount. The recent vulnerabilities in Brizy – Page Builder underscore the critical need for proactive measures to safeguard your website and customer data. By prioritizing plugin updates and adopting best security practices, you can mitigate risks, uphold website integrity, and protect your business reputation in the digital realm.
Staying Secure
Staying on top of WordPress security can feel overwhelming for small business owners without dedicated IT staff. At Your WP Guy, we exist to shoulder that burden for you. Our WordPress experts can fully audit, secure, maintain and support your site - so you can focus on growing your business with peace of mind.
Don't tackle security risks alone. Let us help you assess any impact from this vulnerability, update your plugins, and implement ongoing maintenance to avoid future threats. We treat your website like it's our own - because we know how critical it is for reaching your customers.
Get in touch for a free consultation today on making WordPress security stress-free. Call 678-995-5169 or book a call here. Our knowledgeable team is ready to help you safeguard your online presence.