Lucene search
K

315 matches found

osv
osv
added 2023/06/03 1:59 a.m.25 views

CVE-2023-0584 VK Blocks <= 1.57.0.5 - Authenticated(Contributor+) Settings Update

The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'updateoptions' function in versions up to, and including, 1.57.0.5. This allows authenticated attackers, with contributor-level permissions or above, to change the 'vkfontawesomeversion' option to an arbitrar...

4.3CVSS6.8AI score0.00508EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2023/06/03 1:59 a.m.7 views

CVE-2023-0584 VK Blocks <= 1.57.0.5 - Authenticated(Contributor+) Settings Update

The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'updateoptions' function in versions up to, and including, 1.57.0.5. This allows authenticated attackers, with contributor-level permissions or above, to change the 'vkfontawesomeversion' option to an arbitrar...

4.3CVSS6.7AI score0.00508EPSS
Exploits0References3
cnnvd
cnnvd
added 2023/06/03 12:0 a.m.7 views

WordPress plugin VK Blocks 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

4.3CVSS6.6AI score0.00508EPSS
Exploits0References3
nvd
nvd
added 2023/05/22 10:15 a.m.18 views

CVE-2022-47183

Cross-Site Request Forgery CSRF vulnerability in StylistWP Extra Block Design, Style, CSS for ANY Gutenberg Blocks plugin = 0.2.6 versions...

8.8CVSS6.5AI score0.00264EPSS
Exploits0References1
osv
osv
added 2023/03/27 3:15 p.m.4 views

CVE-2023-22707

Auth. author+ Cross-Site Scripting XSS vulnerability in Wpsoul Greenshift – animation and page builder blocks plugin = 4.9.9 versions...

5.4CVSS6.1AI score0.00404EPSS
Exploits0References1
osv
osv
added 2022/06/23 5:15 a.m.4 views

CVE-2017-20090

A vulnerability was found in Global Content Blocks Plugin 2.1.5. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely...

8.8CVSS4.7AI score0.00557EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2022/06/23 4:20 a.m.7 views

CVE-2017-20090 Global Content Blocks Plugin cross-site request forgery

A vulnerability was found in Global Content Blocks Plugin 2.1.5. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely...

4.3CVSS7AI score0.00557EPSS
Exploits1References2
cvelist
cvelist
added 2022/06/23 4:20 a.m.20 views

CVE-2017-20090 Global Content Blocks Plugin cross-site request forgery

A vulnerability was found in Global Content Blocks Plugin 2.1.5. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely...

4.3CVSS8.6AI score0.00557EPSS
Exploits1References2
cve
cve
added 2022/06/23 4:20 a.m.49 views

CVE-2017-20090

The CVE-2017-20090 entry concerns the WordPress plugin Global Content Blocks Plugin version 2.1.5. The vulnerability is described as enabling cross-site request forgery, with the manipulation affecting unknown code and the attack executable remotely. The connected documents corroborate a CSRF iss...

8.8CVSS6.3AI score0.00557EPSS
Exploits1References2Affected Software1
attackerkb
attackerkb
added 2022/03/07 9:15 a.m.6 views

CVE-2022-0448

The CP Blocks WordPress plugin before 1.0.15 does not sanitise and escape its "License ID" settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

4.8CVSS5.5AI score0.0632EPSS
Exploits5References2
patchstack
patchstack
added 2022/02/28 12:0 a.m.14 views

WordPress Mobile blocks plugin <= 1.2 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Mobile blocks plugin versions = 1.2. Solution Update the WordPress Mobile blocks plugin to the latest available version at least 1.2.1...

2.3AI score
Exploits0References2Affected Software1
cnvd
cnvd
added 2022/02/14 12:0 a.m.66 views

WordPress CP Blocks plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. A cross-site scripting vulnerability exists in versions of the WordPress CP Blocks plugin prior to 1.0.15, which stems from the plugin's failu...

4.8CVSS0.6AI score0.0632EPSS
Exploits5References1
cnnvd
cnnvd
added 2022/02/08 12:0 a.m.30 views

WordPress plugin CP Blocks 跨站脚本漏洞

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. A cross-site scripting vulnerability exists in versions of the WordPress CP Blocks plugin prior to 1.0.15, which stems from the plugin's failu...

4.8CVSS5.2AI score0.0632EPSS
Exploits5References4
patchstack
patchstack
added 2021/09/15 12:0 a.m.17 views

WordPress Find My Blocks plugin <= 3.3.2 - Private Post Titles Disclosure vulnerability

Private Post Titles Disclosure vulnerability discovered by apple502j in WordPress Find My Blocks plugin versions = 3.3.2. Solution Update the WordPress Find My Blocks plugin to the latest available version at least 3.4.0...

5.3CVSS2.4AI score0.01212EPSS
Exploits2References3Affected Software1
vulncheck_kev
vulncheck_kev
added 2021/07/23 12:0 a.m.4 views

VulnCheck KEV: CVE-2021-32789

woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg Blocks. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce Blocks feature plugin between version 2.5.0 and prior to version 2.5.16. Via a carefully crafted URL, an exploit can be...

7.5CVSS7.2AI score0.17227EPSS
Exploits2References1
Rows per page
Query Builder