CVE-2025-58594
BaseFortify
Publication date: 2025-09-03
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| themefuse | brizy | 2.7.12 |
| themefuse | brizy | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Broken Access Control issue in the WordPress Brizy Plugin (up to version 2.7.12) caused by missing authorization, authentication, or nonce token checks in certain functions. It allows users with at least Contributor-level privileges to perform actions that should be restricted to higher privilege levels. Essentially, the plugin does not properly verify if a user is allowed to perform certain actions, leading to potential unauthorized changes. [1]
How can this vulnerability impact me? :
If exploited, this vulnerability could allow a user with Contributor-level access to perform actions reserved for higher privilege users, potentially leading to unauthorized modifications within the WordPress site. Although the risk is considered low and exploitation is unlikely, it could still result in integrity issues or unauthorized changes to the site content or settings. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves checking the version of the Brizy WordPress plugin installed on your system. Since the vulnerability affects versions up to 2.7.12, you can detect it by verifying the plugin version. There are no specific network commands provided to detect exploitation attempts. To check the plugin version via command line, you can use WordPress CLI commands such as: `wp plugin list | grep brizy` to see the installed version. Monitoring for unauthorized privilege escalation attempts by users with Contributor-level access may also help detect exploitation. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to update the Brizy WordPress plugin to version 2.7.13 or later, where the issue is resolved. Additionally, Patchstack offers virtual patching (vPatching) that can auto-mitigate this and other vulnerabilities before official patches are applied. Ensuring that only trusted users have Contributor-level privileges can also reduce risk. [1]