CVE-2024-9616

The BlockMeister – Block Pattern Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.1.10. This makes it possible for unauthenticated attackers to inject arbitrar...

CVE-2024-9616

The BlockMeister – Block Pattern Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.1.10. This makes it possible for unauthenticated attackers to inject arbitrar...

CVE-2024-9616

The CVE-2024-9616 entry concerns BlockMeister – Block Pattern Builder for WordPress. A Reflected Cross-Site Scripting flaw exists in all versions up to 3.1.10 due to use of add_query_arg without proper escaping, enabling unauthenticated attackers to inject scripts into pages that run when a user ...

CVE-2024-9616 BlockMeister – Block Pattern Builder <= 3.1.10 - Reflected Cross-Site Scripting

The BlockMeister – Block Pattern Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.1.10. This makes it possible for unauthenticated attackers to inject arbitrar...

WordPress plugin BlockMeister 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2024-39721 · WordPress · The Blockmeister – Block Pattern Builder

Name of the Vulnerable Software and Affected Versions: The BlockMeister – Block Pattern Builder plugin for WordPress versions up to, and including, 3.1.10 Description: The issue arises from the use of add query arg without proper escaping on the URL, leading to Reflected Cross-Site Scripting. Thi...

WordPress BlockMeister – Block Pattern Builder plugin <= 3.1.10 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin BlockMeister – Block Pattern Builder versions = 3.1.10...

WordPress BlockMeister – Block Pattern Builder Plugin <= 3.1.10 is vulnerable to Cross Site Scripting (XSS)

Software BlockMeister – Block Pattern Builder Type Plugin Vulnerable versions = 3.1.10 Fixed in 3.1.11 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9616 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ebcd0d6a0a49...

WordPress BlockMeister – Block Pattern Builder Plugin < 3.1.10 is vulnerable to Cross Site Scripting (XSS)

Software BlockMeister – Block Pattern Builder Type Plugin Vulnerable versions 3.1.10 Fixed in 3.1.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 562dc21053f0 Credits Rafie...

WordPress BlockMeister – Block Pattern Builder plugin < 3.0.5 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress BlockMeister – Block Pattern Builder plugin versions 3.0.5. Solution Update the WordPress BlockMeister – Block Pattern Builder plugin to the latest available version at least 3.0.5...

WordPress BlockMeister – Block Pattern Builder plugin < 3.0.5 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress BlockMeister – Block Pattern Builder plugin versions 3.0.5. Solution Update the WordPress BlockMeister – Block Pattern Builder plugin to the latest available version at least 3.0.5...