26 matches found
CVE-2024-2919
The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CountUp Widget in all versions up to, and including, 3.2.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...
EUVD-2023-51644
Malicious code in bioql PyPI...
EUVD-2025-31699
Malicious code in bioql PyPI...
CVE-2025-8566
The GutenBee – Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via parameters in the CountUp and Google Maps Blocks in all versions up to, and including, 2.18.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-8566
The GutenBee – Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via parameters in the CountUp and Google Maps Blocks in all versions up to, and including, 2.18.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-8566 GutenBee – Gutenberg Blocks <= 2.18.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The GutenBee – Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via parameters in the CountUp and Google Maps Blocks in all versions up to, and including, 2.18.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-8566
Summary (CVE-2025-8566) The GutenBee – Gutenberg Blocks WordPress plugin is vulnerable to Stored Cross-Site Scripting in CountUp and Google Maps blocks. Affected versions are up to 2.18.0 due to insufficient input sanitization and output escaping. Exploitation requires authenticated access at Con...
CVE-2025-8566 GutenBee – Gutenberg Blocks <= 2.18.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The GutenBee – Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via parameters in the CountUp and Google Maps Blocks in all versions up to, and including, 2.18.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
PT-2025-39941
Name of the Vulnerable Software and Affected Versions GutenBee – Gutenberg Blocks plugin for WordPress versions prior to 2.18.1 Description The GutenBee – Gutenberg Blocks plugin for WordPress is susceptible to Stored Cross-Site Scripting through parameters in the CountUp and Google Maps Blocks...
CVE-2024-2919
The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CountUp Widget in all versions up to, and including, 3.2.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...
CVE-2024-2919 Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via CountUp Widget
The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CountUp Widget in all versions up to, and including, 3.2.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...
CVE-2024-2919
CVE-2024-2919 affects the Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress. The vulnerability is a Stored Cross-Site Scripting via the CountUp Widget in all versions up to 3.2.31, caused by insufficient input sanitization and output escaping on user-supplied attribu...
CVE-2024-2919
The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CountUp Widget in all versions up to, and including, 3.2.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...
WordPress Gutenberg Blocks by Kadence Blocks plugin <= 3.2.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Countdown and CountUp Widget vulnerability
Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via Countdown and CountUp Widget vulnerability discovered by Webbernaut in WordPress Plugin Gutenberg Blocks by Kadence Blocks versions = 3.2.31...
WordPress Plugin Gutenberg Blocks by Kadence Blocks 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2024-22793 · Kadence Blocks · The Gutenberg Blocks By Kadence Blocks
Name of the Vulnerable Software and Affected Versions: The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress versions up to, and including, 3.2.31 Description: The issue is related to Stored Cross-Site Scripting via the CountUp Widget due to insufficient input...
Gutenberg Blocks by Kadence Blocks – Page Builder Features < 3.2.32 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown and CountUp Widget
Description The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown and CountUp Widget in all versions up to, and including, 3.2.31 due to insufficient input sanitization and output escaping on user supplie...
CVE-2023-47533
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in wpdevart Countdown and CountUp, WooCommerce Sales Timer plugin = 1.8.2 versions...
CVE-2023-47533
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in wpdevart Countdown and CountUp, WooCommerce Sales Timer plugin = 1.8.2 versions...
CVE-2023-47533
CVE-2023-47533 affects the WordPress plugin Countdown and CountUp, WooCommerce Sales Timer (