4 matches found
CVE-2025-12388
The B Carousel Block – Responsive Image and Content Carousel plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.1.5. This is due to the plugin not validating user-supplied URLs before passing them to the wpremoterequest function. This makes it...
CVE-2025-12388 B Carousel Block – Responsive Image and Content Carousel <= 1.1.5 - Missing Authorization to Authenticated (Subscriber+) Server-Side Request Forgery
The B Carousel Block – Responsive Image and Content Carousel plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.1.5. This is due to the plugin not validating user-supplied URLs before passing them to the wpremoterequest function. This makes it...
WordPress B Carousel Block plugin <= 1.1.5 - Missing Authorization to Authenticated (Subscriber+) Server-Side Request Forgery vulnerability
Missing Authorization to Authenticated Subscriber+ Server-Side Request Forgery vulnerability discovered by Sushi Com Abacate in WordPress Plugin B Carousel Block versions = 1.1.5...
PT-2025-45090
Name of the Vulnerable Software and Affected Versions B Carousel Block – Responsive Image and Content Carousel versions up to and including 1.1.5 Description The B Carousel Block – Responsive Image and Content Carousel plugin for WordPress is susceptible to Server-Side Request Forgery. The issue...