Brizy – Page Builder

Vulnerabilities 38Slug brizyLatest version 2.8.14WordPress.org →

Minimum safe version

2.8.12

Update to 2.8.12 or later to address 38 fixable vulnerabilities

Latest available2.8.14
Medium 6.5
2025-12-13< 2.7.17

Brizy – Page Builder <= 2.7.16 - Authenticated (Contributor+) Sensitive Information Exposure via get_users Function

EUVDWordfenceCVE
Medium 5.3
2025-07-29< 2.6.21

Brizy <= 2.6.20 - Missing Authorization to Unauthenticated Limited File Upload

EUVDWordfenceCVE
Medium 6.5
2024-12-26< 2.4.30

WordPress Brizy – Page Builder Plugin <= 2.4.29 is vulnerable to Cross Site Scripting (XSS)

PatchstackCVEWPScan
N/A
2023-11-09< 2.4.30

WordPress Brizy – Page Builder Plugin < 2.4.30 is vulnerable to Cross Site Scripting (XSS)

Patchstack
N/A
2023-11-06< 2.4.30

Brizy <= 2.4.29 - Cross-Site Scripting

Wordfence
High 7.4
2023-10-20< 1.0.126

CVE-2020-36714

CVE
N/A
2020-03-05< 1.0.114

Brizy - Page Builder < 1.0.114 - Missing Authorization to Settings Update

Wordfence
N/A
2020-06-03< 1.0.126

Brizy < 1.0.126 - Authorization Bypass to Settings Updates

Wordfence
N/A
< 1.0.114

Brizy - Page Builder &lt; 1.0.114 - Unauthenticated Site Settings Update

WPScan
N/A
< 1.0.126

Brizy - Page Builder &lt; 1.0.126 - Improper Access Controls on AJAX Calls

WPScan
N/A
2020-03-05< 1.0.114

WordPress Brizy – Page Builder plugin <= 1.0.113 - Unauthenticated Site Settings Update vulnerability

Patchstack
N/A
2020-06-10< 1.0.126

WordPress Brizy – Page Builder plugin <= 1.0.125 - Broken Access Control vulnerability

Patchstack