Lucene search
K

166 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:39 a.m.4 views

CVE-2024-33572

Missing Authorization vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor.This issue affects Nexter Blocks: from n/a through = 3.2.5...

8.8CVSS5.9AI score0.0043EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:35 a.m.5 views

CVE-2024-32586

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Munir Kamal Gutenberg Block Editor Toolkit allows Stored XSS.This issue affects Gutenberg Block Editor Toolkit: from n/a through 1.40.4...

6.5CVSS5.2AI score0.00291EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:40 a.m.5 views

CVE-2024-50549

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Steven Nolles Bonway Static Block Editor bonway-static-block-editor allows DOM-Based XSS.This issue affects Bonway Static Block Editor: from n/a through = 1.1.0...

6.5CVSS5.9AI score0.00341EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:11 p.m.9 views

CVE-2021-39203

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions authenticated users who don't have permission to view private post types/data can bypass restrictions in the block editor under certain conditions. This...

6.8CVSS6.6AI score0.00941EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:34 p.m.9 views

CVE-2021-24546

The Gutenberg Block Editor Toolkit – EditorsKit WordPress plugin before 1.31.6 does not sanitise and validate the Conditional Logic of the Custom Visibility settings, allowing users with a role as low contributor to execute Arbitrary PHP code...

8.8CVSS7AI score0.01753EPSS
Exploits2References1
OSV
OSV
added 2025/05/15 8:15 p.m.2 views

CVE-2024-10631

The Countdown Timer for WordPress Block Editor WordPress plugin through 1.0.5 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

6.5CVSS5.8AI score0.00252EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/05/15 12:0 a.m.3 views

WordPress plugin Countdown Timer for WordPress Block Editor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

6.5CVSS6AI score0.00252EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/21 6:15 a.m.6 views

CVE-2025-24841

Movable Type contains a stored cross-site scripting vulnerability in the HTML edit mode of MT Block Editor. It is exploitable when TinyMCE6 is used as a rich text editor and an arbitrary script may be executed on a logged-in user's web browser...

5.4CVSS5.9AI score0.00208EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/02/19 7:19 a.m.3 views

Multiple cross-site scripting vulnerabilities in Movable Type

Overview Movable Type provided by Six Apart Ltd. contains multiple cross-site scripting vulnerabilities listed below. Stored cross-site scripting vulnerability in the custom block edit page of MT Block Editor CWE-79 - CVE-2025-22888 Stored cross-site scripting vulnerability in the HTML edit mode ...

6.1CVSS6.1AI score0.00238EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/02/19 5:52 a.m.17 views

CVE-2025-22888

Movable Type contains a stored cross-site scripting vulnerability in the custom block edit page of MT Block Editor. If exploited, an arbitrary script may be executed on a logged-in user's web browser...

5.4CVSS0.00208EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/19 12:0 a.m.3 views

PT-2025-7546 · Tinymce +1 · Tinymce +1

Name of the Vulnerable Software and Affected Versions: Movable Type affected versions not specified Description: Movable Type contains a stored cross-site scripting issue in the HTML edit mode of MT Block Editor. It is exploitable when TinyMCE6 is used as a rich text editor, allowing an arbitrary...

5.4CVSS6.1AI score0.00208EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/02/19 12:0 a.m.4 views

PT-2025-7542 · Unknown · Movable Type

Name of the Vulnerable Software and Affected Versions: Movable Type affected versions not specified Description: Movable Type contains a stored cross-site scripting vulnerability in the custom block edit page of MT Block Editor. If exploited, an arbitrary script may be executed on a logged-in...

5.4CVSS6.2AI score0.00208EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/02/05 9:49 a.m.8 views

CVE-2024-30435

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor.This issue affects Nexter Blocks: from n/a through = 3.2.5...

7.1CVSS7.2AI score0.00423EPSS
Exploits0References1
NVD
NVD
added 2024/11/28 11:15 a.m.13 views

CVE-2024-11402

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kubiq Block Editor Bootstrap Blocks block-editor-bootstrap-blocks allows Reflected XSS.This issue affects Block Editor Bootstrap Blocks: from n/a through = 6.6.1...

7.1CVSS0.0032EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/28 11:0 a.m.23 views

CVE-2024-11402 WordPress Block Editor Bootstrap Blocks plugin <= 6.6.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kubiq Block Editor Bootstrap Blocks block-editor-bootstrap-blocks allows Reflected XSS.This issue affects Block Editor Bootstrap Blocks: from n/a through = 6.6.1...

7.1CVSS0.0032EPSS
Exploits0References1
CVE
CVE
added 2024/11/28 11:0 a.m.42 views

CVE-2024-11402

CVE-2024-11402 corresponds to WordPress Block Editor Bootstrap Blocks plugin (

7.1CVSS7.2AI score0.0032EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/28 11:0 a.m.7 views

CVE-2024-11402 WordPress Block Editor Bootstrap Blocks plugin <= 6.6.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kubiq Block Editor Bootstrap Blocks block-editor-bootstrap-blocks allows Reflected XSS.This issue affects Block Editor Bootstrap Blocks: from n/a through = 6.6.1...

7.1CVSS7.2AI score0.0032EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/28 12:0 a.m.6 views

PT-2024-16961 · WordPress · Wp-Speedup Block Editor Bootstrap Blocks

Name of the Vulnerable Software and Affected Versions: WP-speedup Block Editor Bootstrap Blocks versions through 6.6.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows Reflected XSS. This lets an...

7.1CVSS9.1AI score0.0032EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/11/28 12:0 a.m.5 views

WordPress plugin Block Editor Bootstrap Blocks 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

7.1CVSS7.7AI score0.0032EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/11/20 11:2 a.m.4 views

WordPress Block Editor Bootstrap Blocks plugin <= 6.6.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Block Editor Bootstrap Blocks versions = 6.6.1...

7.1CVSS6.1AI score0.0032EPSS
Exploits0Affected Software1
Rows per page
Query Builder