WordPress Brizy Page Builder Plugin Fixed a Broken Access Control Vulnerability

The broken access control vulnerability was reported to the authors on 20th May, 2020. On 2nd June, 2020 a new version 1.0.125 was released. However, because all vulnerabilities were still exploitable in version 1.0.125, the authors were contacted again the same day. In the result of it a new version 1.0.126 was released on 3rd June, 2020.Now the WordPress Brizy Page Builder plugin fixed a broken access control vulnerability which was affecting version 1.0.125 and below that could allow any authenticated user to gain full access to the editor.

Few Points to Remember About the Brizy Page Builder

  • Version: 1.0.126
  • Last updated: 2 weeks ago
  • Active installations: 60,000+
  • WordPress Version: 4.5 or higher
  • Tested up to: 5.3.4
  • PHP Version: 5.6 or higher
  • Languages: 30

Brizy Uses Its Own Role Manager:

Brizy is a Page Builder Plugin so as other page builder plugins Brizy also uses its own role manager. You can set the access control of the editor, author, contributor and subscriber from role manager to allow or restrict access to the editor role manager relies on its two capabilities (brizy_edit_whole_page and brizy_edit_content_only). There’s no other safeguard, except a couple of security nonce used to prevent CSRF attacks.

Brizy Page Builder Plugin
Credit: Third-Party Image Reference

Broken Access Control

To checks if the user is allowed to access the editor and its functions throughout its code   by calling is_user_allowed() function for instance in initializeApiActions()function which is located in the script called ‘brizy/editor/api.php’

The is_user_allowed()  function is located in the ‘brizy/editor.php’ script.

In the same script the is_administrator() function also found. By calling it can check if the user is logged in and has the right capability or not and also checks if it is an admin y calling same function. 

This function will again check if the user is logged in and it will return the value of either the is_admin() or is_super_admin() functions. The function is_super_admin()  will check whether  the user is an administrator (single site) or super admin (multi site), while the is_admin() function will only check whether the user is accessing a page from the back end or not, hence when called by a logged in user the function will always return true value.

Recommendations

 If you are using web application firewall for WordPress, Ninja Firewall WP Edition (free) and Ninja Firewall WP+ Edition (premium), then you don’t need to upgrade and you are protected against this vulnerability. But if you have version 1.0.125 or below then you need to upgrade as soon as possible.

Also Read: Market of Web Hosting Service Market Reviewed for 2020 – 2026

Why Should You Choose Managed WordPress Hosting?

Related articles

How E-E-A-T is Shaping SEO Strategies in 2024

In today's competitive digital landscape, search engine optimization (SEO)...

A Step-by-Step Guide on Overcoming Local SEO Challenges

Local SEO is a cornerstone of online success for...

The Art of Intuitive Navigation: Enhancing User Experience with Smart Design

The process of navigation through a website should be...

Mastering Local SEO for Restaurants and Takeaway Businesses in 2024

In today's digital age, local Search Engine Optimization (SEO)...

What is a Quiz Marketing? The Ultimate Guide to Boosting Leads and Sales

In today's digital age, capturing and maintaining consumer attention...
Sushma M.
Sushma M.
Hi, I am Sushma M. an experienced digital marketer with vast knowledge in related domains such as SEO, PPC, Social Media Marketing, and Content Marketing. I am also a Blogger and run my own blog, Digital Sushma. Lately, I have started researching and analyzing the latest innovations in the field of AI, ML, and Data Science and how these innovations can affect Internet Marketing.