Unrated severityNVD Advisory· Published Oct 28, 2022· Updated Jan 31, 2025
CVE-2022-3400
CVE-2022-3400
Description
The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the bricks_save_post AJAX action in versions 1.0 to 1.5.3. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to edit any page, post, or template on the vulnerable WordPress website.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 1.0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.