Lucene search
K

4965 matches found

Cvelist
Cvelist
added 2026/01/22 4:52 p.m.19 views

CVE-2026-24389 WordPress Gallery PhotoBlocks plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Chill Gallery PhotoBlocks photoblocks-grid-gallery allows DOM-Based XSS.This issue affects Gallery PhotoBlocks: from n/a through = 1.3.2...

6.5CVSS0.00129EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 4:52 p.m.18 views

CVE-2026-24377 WordPress Nexter Blocks plugin <= 4.6.3 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.6.3...

4.3CVSS0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:52 p.m.3 views

CVE-2026-24377 WordPress Nexter Blocks plugin <= 4.6.3 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.6.3...

4.3CVSS5.9AI score0.0018EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:52 p.m.4 views

CVE-2026-24377

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.6.3...

7.5CVSS5.4AI score0.0018EPSS
Exploits0References2
CVE
CVE
added 2026/01/22 4:52 p.m.16 views

CVE-2026-24377

CVE-2026-24377 : WordPress Nexter Blocks plugin ≤ 4.6.3 exposes embedded sensitive data to an unauthorized control sphere, enabling sensitive information exposure. CVSS 3.1 base score 4.3 (Medium) per the initial document; multiple sources corroborate a sensitive data exposure issue affecting Nex...

4.3CVSS5.4AI score0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:52 p.m.2 views

CVE-2025-68030 WordPress Frontis Blocks plugin <= 1.1.5 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in WP Messiah Frontis Blocks frontis-blocks allows Server Side Request Forgery.This issue affects Frontis Blocks: from n/a through = 1.1.5...

5.9AI score0.00248EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 4:52 p.m.16 views

CVE-2025-68030 WordPress Frontis Blocks plugin <= 1.1.5 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in WP Messiah Frontis Blocks frontis-blocks allows Server Side Request Forgery.This issue affects Frontis Blocks: from n/a through = 1.1.5...

7.2CVSS0.00248EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:52 p.m.7 views

CVE-2025-68030

Summary (CVE-2025-68030) The WordPress plugin Frontis Blocks (Frontis Blocks — Block Library for the Block Editor) is affected up to version 1.1.5. A Server-Side Request Forgery (SSRF) vulnerability exists in the frontis-blocks component, exploitable via the url parameter, enabling the SSRF issue...

7.2CVSS5.4AI score0.00248EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:52 p.m.2 views

CVE-2025-68030

Server-Side Request Forgery SSRF vulnerability in WP Messiah Frontis Blocks frontis-blocks allows Server Side Request Forgery.This issue affects Frontis Blocks: from n/a through = 1.1.5...

7.2CVSS5.3AI score0.00248EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:51 p.m.3 views

CVE-2025-47500

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Benjamin Intal Stackable stackable-ultimate-gutenberg-blocks allows Stored XSS.This issue affects Stackable: from n/a through = 3.19.5...

5.4CVSS5.3AI score0.00252EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/22 2:58 a.m.10 views

Security Bulletin: Vulnerabilities affect IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerabilities have been identified that affect IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-47912 DESCRIPTION: The Parse functio...

7.5CVSS7.2AI score0.00626EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.8 views

PT-2026-3962

Name of the Vulnerable Software and Affected Versions Stackable versions through 3.19.5 Description A flaw exists in Benjamin Intal Stackable stackable-ultimate-gutenberg-blocks that allows for Stored Cross-site Scripting XSS. This issue is due to improper neutralization of input during web page...

5.3AI score0.00252EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.7 views

PT-2026-4263

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.6.3...

5.4AI score0.0018EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.6 views

WordPress plugin Frontis Blocks: Code-related vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

7.2CVSS5.9AI score0.00248EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.8 views

WordPress plugin Nexter Blocks has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

4.3CVSS5.8AI score0.0018EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.5 views

WordPress plugin stackable-ultimate-gutenberg-blocks has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPre...

5.9CVSS5.7AI score0.00252EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.4 views

PT-2026-4065

Name of the Vulnerable Software and Affected Versions Frontis Blocks versions through 1.1.5 Description A Server-Side Request Forgery SSRF issue exists in WP Messiah Frontis Blocks. This allows for Server Side Request Forgery. The issue impacts the frontis-blocks component. Recommendations Update...

5.3AI score0.00248EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.4 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-37739)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37739 advisory. - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-bounds access...

7.1CVSS6.6AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/01/21 3:56 a.m.2 views

Malicious Package

Overview blocks-builder-manifest-generator is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

9.8CVSS5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/21 3:56 a.m.8 views

Malicious code in blocks-builder-manifest-generator (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30f5efa34a1c44d974502110177cb7a60daf579349ed25937e66e342f7f7c24f The package blocks-builder-manifest-generator was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
Rows per page
Query Builder