3 matches found
CVE-2026-4895
The GreenShift - Animation and Page Builder Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 12.8.9 This is due to insufficient input sanitization and output escaping in the gspbgreenShiftblockscriptassets function. The function uses...
CVE-2026-4895
The CVE-2026-4895 entry concerns the GreenShift - Animation and Page Builder Blocks WordPress plugin. A stored XSS exists in versions up to 12.8.9 due to insufficient input sanitization and output escaping in the gspb_greenShift_block_script_assets() function. The code uses str_replace() to inser...
Design/Logic Flaw
An issue was discovered in GitLab Community Edition CE and Enterprise Edition EE before 12.7.9, 12.8.x before 12.8.9, and 12.9.x before 12.9.3. A Workhorse bypass could lead to NuGet package and file disclosure Exposure of Sensitive Information via request smuggling...