Lucene search
K

92 matches found

OSV
OSV
added 2024/12/13 6:15 a.m.4 views

CVE-2024-10678

The Ultimate Blocks WordPress plugin before 3.2.4 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS7.3AI score0.00287EPSS
Exploits1References1
CVE
CVE
added 2024/12/13 6:0 a.m.59 views

CVE-2024-10678

CVE-2024-10678 affects the Ultimate Blocks – WordPress Blocks Plugin prior to 3.2.4. The Red Hat and NVD entries describe that the plugin does not validate or escape certain block options before outputting them in pages/posts where the block is embedded, enabling Stored XSS for users with the Con...

5.4CVSS5.6AI score0.00287EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/12/12 6:15 a.m.4 views

CVE-2024-10637

The Gutenberg Blocks with AI by Kadence WP WordPress plugin before 3.2.54 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

5.4CVSS7.3AI score0.00329EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/12 12:0 a.m.7 views

WordPress plugin Gutenberg Blocks with AI by Kadence WP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS8.2AI score0.00329EPSS
Exploits1References1
OSV
OSV
added 2024/08/29 11:15 a.m.3 views

CVE-2024-5417

The Gutentor WordPress plugin before 3.3.6 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.00294EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/08/29 12:0 a.m.6 views

WordPress plugin Gutentor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.4CVSS5.9AI score0.00294EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/08/28 12:0 a.m.6 views

PT-2024-36078 · WordPress · Gutentor

Name of the Vulnerable Software and Affected Versions: Gutentor WordPress plugin versions prior to 3.3.6 Description: The issue concerns the Gutentor WordPress plugin, which does not validate and escape some of its block options before outputting them back in a page or post where the block is...

5.4CVSS5.9AI score0.00294EPSS
Exploits1References8
CNNVD
CNNVD
added 2024/08/08 12:0 a.m.5 views

WordPress plugin Kadence WP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.4CVSS6.6AI score0.00369EPSS
Exploits1References2
OSV
OSV
added 2024/08/02 6:15 a.m.2 views

CVE-2024-5595

The Essential Blocks WordPress plugin before 4.7.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.00442EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/07/11 12:0 a.m.4 views

WordPress plugin Ultimate Blocks security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.3CVSS6.6AI score0.00447EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/07/11 12:0 a.m.13 views

PT-2024-32032 · WordPress · Ultimate Blocks

Name of the Vulnerable Software and Affected Versions: The Ultimate Blocks WordPress plugin versions prior to 3.1.9 Description: The issue is related to the Ultimate Blocks WordPress plugin, which does not validate and escape some of its block options before outputting them back in a page or post...

6.3CVSS5.8AI score0.00447EPSS
Exploits1References8
OSV
OSV
added 2024/06/17 6:15 a.m.2 views

CVE-2024-4305

The Post Grid Gutenberg Blocks and WordPress Blog Plugin WordPress plugin before 4.1.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Si...

6.8CVSS5.8AI score0.0043EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2024/06/17 12:0 a.m.6 views

PT-2024-30272 · Unknown · Post Grid Gutenberg Blocks/Wordpress Blog Plugin

Name of the Vulnerable Software and Affected Versions: The Post Grid Gutenberg Blocks and WordPress Blog Plugin version prior to 4.1.0 Description: The issue concerns a lack of validation and escaping of certain block options, which could allow users with the contributor role and above to perform...

6.8CVSS6AI score0.0043EPSS
Exploits2References4
CNNVD
CNNVD
added 2024/06/17 12:0 a.m.7 views

WordPress plugin Post Grid Gutenberg Blocks and WordPress Blog security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...

6.8CVSS6.7AI score0.0043EPSS
Exploits2References2
OSV
OSV
added 2024/05/14 3:40 p.m.5 views

CVE-2024-3239

The Post Grid Gutenberg Blocks and WordPress Blog Plugin WordPress plugin before 4.0.2 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Si...

5.4CVSS5.8AI score0.00416EPSS
Exploits2References1
OSV
OSV
added 2024/04/05 5:15 a.m.19 views

CVE-2024-2509

The Gutenberg Blocks by Kadence Blocks WordPress plugin before 3.2.26 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting atta...

6.5CVSS5.8AI score0.00427EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2024/03/17 12:0 a.m.8 views

PT-2024-20738 · Kadence Blocks · Gutenberg Blocks

Name of the Vulnerable Software and Affected Versions: Gutenberg Blocks by Kadence Blocks versions prior to 3.2.26 Description: The issue is related to the Gutenberg Blocks by Kadence Blocks WordPress plugin, which does not validate and escape some of its block options before outputting them back...

6.5CVSS8.2AI score0.00427EPSS
Exploits3References8
OSV
OSV
added 2024/01/16 4:15 p.m.4 views

CVE-2023-0376

The Qubely WordPress plugin before 1.8.5 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS7.3AI score0.00745EPSS
Exploits2References1
OSV
OSV
added 2023/05/15 1:15 p.m.5 views

CVE-2023-0233

The ActiveCampaign WordPress plugin before 8.1.12 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS7.3AI score0.00462EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/05/15 12:15 p.m.28 views

CVE-2023-0233 ActiveCampaign < 8.1.12 - Contributor+ Stored XSS

The ActiveCampaign WordPress plugin before 8.1.12 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.5AI score0.00462EPSS
Exploits2References1
Rows per page
Query Builder