4965 matches found
CVE-2026-24389 WordPress Gallery PhotoBlocks plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Chill Gallery PhotoBlocks photoblocks-grid-gallery allows DOM-Based XSS.This issue affects Gallery PhotoBlocks: from n/a through = 1.3.2...
CVE-2026-24377 WordPress Nexter Blocks plugin <= 4.6.3 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.6.3...
CVE-2026-24377 WordPress Nexter Blocks plugin <= 4.6.3 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.6.3...
CVE-2026-24377
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.6.3...
CVE-2026-24377
CVE-2026-24377 : WordPress Nexter Blocks plugin ≤ 4.6.3 exposes embedded sensitive data to an unauthorized control sphere, enabling sensitive information exposure. CVSS 3.1 base score 4.3 (Medium) per the initial document; multiple sources corroborate a sensitive data exposure issue affecting Nex...
CVE-2025-68030 WordPress Frontis Blocks plugin <= 1.1.5 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in WP Messiah Frontis Blocks frontis-blocks allows Server Side Request Forgery.This issue affects Frontis Blocks: from n/a through = 1.1.5...
CVE-2025-68030 WordPress Frontis Blocks plugin <= 1.1.5 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in WP Messiah Frontis Blocks frontis-blocks allows Server Side Request Forgery.This issue affects Frontis Blocks: from n/a through = 1.1.5...
CVE-2025-68030
Summary (CVE-2025-68030) The WordPress plugin Frontis Blocks (Frontis Blocks — Block Library for the Block Editor) is affected up to version 1.1.5. A Server-Side Request Forgery (SSRF) vulnerability exists in the frontis-blocks component, exploitable via the url parameter, enabling the SSRF issue...
CVE-2025-68030
Server-Side Request Forgery SSRF vulnerability in WP Messiah Frontis Blocks frontis-blocks allows Server Side Request Forgery.This issue affects Frontis Blocks: from n/a through = 1.1.5...
CVE-2025-47500
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Benjamin Intal Stackable stackable-ultimate-gutenberg-blocks allows Stored XSS.This issue affects Stackable: from n/a through = 3.19.5...
Security Bulletin: Vulnerabilities affect IBM watsonx Orchestrate with watsonx Assistant Cartridge
Summary Potential vulnerabilities have been identified that affect IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-47912 DESCRIPTION: The Parse functio...
PT-2026-3962
Name of the Vulnerable Software and Affected Versions Stackable versions through 3.19.5 Description A flaw exists in Benjamin Intal Stackable stackable-ultimate-gutenberg-blocks that allows for Stored Cross-site Scripting XSS. This issue is due to improper neutralization of input during web page...
PT-2026-4263
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.6.3...
WordPress plugin Frontis Blocks: Code-related vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...
WordPress plugin Nexter Blocks has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...
WordPress plugin stackable-ultimate-gutenberg-blocks has a cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPre...
PT-2026-4065
Name of the Vulnerable Software and Affected Versions Frontis Blocks versions through 1.1.5 Description A Server-Side Request Forgery SSRF issue exists in WP Messiah Frontis Blocks. This allows for Server Side Request Forgery. The issue impacts the frontis-blocks component. Recommendations Update...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37739)
"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37739 advisory. - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-bounds access...
Malicious Package
Overview blocks-builder-manifest-generator is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...
Malicious code in blocks-builder-manifest-generator (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30f5efa34a1c44d974502110177cb7a60daf579349ed25937e66e342f7f7c24f The package blocks-builder-manifest-generator was found to contain malicious code. Source: ghsa-malware...