High severity7.4NVD Advisory· Published Oct 20, 2023· Updated Apr 8, 2026
CVE-2020-36714
CVE-2020-36714
Description
The Brizy plugin for WordPress is vulnerable to authorization bypass due to a incorrect capability check on the is_administrator() function in versions up to, and including, 1.0.125. This makes it possible for authenticated attackers to access and interact with available AJAX functions.
Affected products
2Patches
Vulnerability mechanics
References
2- blog.nintechnet.com/wordpress-brizy-page-builder-plugin-fixed-critical-vulnerabilities/nvdExploitThird Party Advisory
- www.wordfence.com/threat-intel/vulnerabilities/id/9495e25d-a5a6-4f25-9363-783626e58a4anvdThird Party Advisory
News mentions
0No linked articles in our index yet.