Lucene search
K

99 matches found

CNNVD
CNNVD
added 2024/12/27 12:0 a.m.3 views

WordPress plugin float block 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.8CVSS8.3AI score0.00341EPSS
Exploits1References1
NVD
NVD
added 2024/12/19 7:15 a.m.60 views

CVE-2024-12560

The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.5 via the 'btnblockduplicatepost' function. This makes it possible for authenticated attackers, with Contributor-leve...

6.5CVSS0.00355EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/12/18 10:38 p.m.7 views

WordPress Button Block plugin <= 1.1.5 - Authenticated (Contributor+) Post Disclosure via Post Duplication vulnerability

Authenticated Contributor+ Post Disclosure via Post Duplication vulnerability discovered by Webbernaut in WordPress Plugin Button Block versions = 1.1.5...

6.5CVSS7AI score0.00355EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/21 10:41 p.m.4 views

WordPress Button Block plugin <= 1.1.4 - Authenticated (Contributor+) Post Disclosure vulnerability

Authenticated Contributor+ Post Disclosure vulnerability discovered by Francesco Carlucci in WordPress Plugin Button Block versions = 1.1.4...

6.5CVSS7AI score0.00506EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/11/19 7:35 a.m.82 views

CVE-2024-11098

CVE-2024-11098 : The WordPress plugin SVG Block is vulnerable to Stored Cross-Site Scripting via REST API SVG file uploads in all versions up to and including 1.1.24. Exploitation requires authenticated access at Administrator level or higher, and can cause arbitrary scripts to run in pages when ...

5.5CVSS5.1AI score0.00352EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/13 12:0 a.m.4 views

WordPress plugin SVG Block security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

6.1CVSS5.9AI score0.00417EPSS
Exploits1References2
WPVulnDB
WPVulnDB
added 2024/06/12 12:0 a.m.10 views

BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library < 2.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.1.5 due to insufficient input sanitization and output escaping on...

6.5CVSS5.8AI score0.00254EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/06/09 12:0 a.m.6 views

WordPress plugin Social Icons Widget & Block by WPZOOM Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

8.8CVSS6.8AI score0.01517EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/05/21 8:5 a.m.4 views

WordPress Social Icons Widget & Block plugin < 4.2.18 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Social Icons Widget & Block by WPZOOM versions 4.2.18...

6.1CVSS6.1AI score0.00391EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/10/26 12:0 a.m.12 views

PDF Block <= 1.1.0 - Contributor+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.7AI score0.004EPSS
Exploits0References2
NVD
NVD
added 2023/10/25 6:17 p.m.16 views

CVE-2023-45646

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Henryholtgeerts PDF Block plugin = 1.1.0 versions...

6.5CVSS5.8AI score0.004EPSS
Exploits0References1
Prion
Prion
added 2023/10/25 6:17 p.m.12 views

Cross site scripting

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Henryholtgeerts PDF Block plugin = 1.1.0 versions...

4.9CVSS5.2AI score0.004EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/24 11:22 a.m.13 views

CVE-2023-45646 WordPress PDF Block Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Henryholtgeerts PDF Block plugin = 1.1.0 versions...

6.5CVSS5.8AI score0.004EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/10/12 12:0 a.m.9 views

WordPress PDF Block Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software PDF Block Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-45646 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID db7b4dd9bebf Credits Mika Required privilege...

6.5CVSS5.7AI score0.004EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/10/10 10:15 a.m.4 views

CVE-2023-44261

Cross-Site Request Forgery CSRF vulnerability in Dinesh Karki Block Plugin Update plugin = 3.3 versions...

8.8CVSS7.3AI score0.00227EPSS
Exploits0References1
NVD
NVD
added 2023/10/10 10:15 a.m.27 views

CVE-2023-44261

Cross-Site Request Forgery CSRF vulnerability in Dinesh Karki Block Plugin Update plugin = 3.3 versions...

8.8CVSS5.8AI score0.00227EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/10 9:4 a.m.18 views

CVE-2023-44261 WordPress Block Plugin Update Plugin <= 3.3 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Dinesh Karki Block Plugin Update plugin = 3.3 versions...

4.3CVSS7.1AI score0.00227EPSS
Exploits0References1
CVE
CVE
added 2023/10/10 9:4 a.m.49 views

CVE-2023-44261

CVE-2023-44261 is a CSRF vulnerability in WordPress Block Plugin Update (

8.8CVSS6.5AI score0.00227EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/10/10 12:0 a.m.7 views

WordPress Plugin Block Plugin Update Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

8.8CVSS6.4AI score0.00227EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/09/27 12:0 a.m.12 views

WordPress Block Plugin Update Plugin <= 3.3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Block Plugin Update Type Plugin Vulnerable versions = 3.3.1 Fixed in 3.3.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-44261 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f0f21aec1564 Credits Abdi Pranata...

8.8CVSS6.9AI score0.00227EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder