Bricks 1.9.6.1 Patches Critical RCE Vulnerability
James Giroux reports on WP Tavern:
First disclosed by security researcher Calvin Alkan of snicco, the vulnerability impacts all versions of Bricks Builder before version 1.9.6.1. Identified as a Remote Code Execution (RCE) flaw, it poses a critical security risk, allowing attackers to potentially gain unauthorized control over websites running on an affected version of Bricks.
What is Bricks?
Bricks or Bricks Builder is a visual site builder that allows users to create web pages on WordPress without using code through their drag-and-drop interface. Unlike other similar products in the WordPress ecosystem which deliver functionality through plugins, the Bricks Builder uses the theme functionality as its way of delivering features to users.
More info, data and background: https://wptavern.com/bricks-1-9-6-1-pat ... nerability