Lucene search
K

243 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:37 a.m.6 views

CVE-2024-4891

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tagName’ parameter in versions up to, and including, 4.5.12 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.8AI score0.00468EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:6 a.m.5 views

CVE-2023-2084

The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the get function in versions up to, and including, 4.0.6. This makes it possible for subscriber-level attackers to obtain plugin settings. While a nonce check is...

4.3CVSS7AI score0.00513EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:17 a.m.15 views

CVE-2023-51360

Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through = 4.2.0...

8.8CVSS5.7AI score0.00573EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:10 a.m.15 views

CVE-2023-47760

Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through = 4.2.0...

8.8CVSS7.3AI score0.00393EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:10 a.m.15 views

CVE-2023-51359

Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through = 4.2.0...

8.8CVSS7.3AI score0.00575EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:53 a.m.9 views

CVE-2023-2086

The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the templatecount function in versions up to, and including, 4.0.6. This makes it possible for subscriber-level attackers to obtain plugin template information. While ...

4.3CVSS6.5AI score0.00572EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:51 p.m.8 views

CVE-2022-47594

Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through 3.8.5...

6.5CVSS5.1AI score0.00419EPSS
Exploits0References1
OSV
OSV
added 2025/03/08 12:15 p.m.3 views

CVE-2025-1664

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Parallax slider in all versions up to, and including, 5.3.1 due to insufficient input sanitization and output escaping. This makes it possible for...

5.4CVSS5.9AI score0.00198EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/08 11:16 a.m.6 views

CVE-2025-1664 Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 5.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Parallax slider in all versions up to, and including, 5.3.1 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.8AI score0.00198EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/03/08 4:17 a.m.5 views

WordPress Essential Blocks plugin <= 5.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Essential Blocks for Gutenberg versions = 5.3.1...

6.4CVSS7AI score0.00198EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/03/08 12:0 a.m.4 views

WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. WordPress plugin Essential Blocks - Page...

6.4CVSS8.1AI score0.00198EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/28 7:23 a.m.15 views

CVE-2024-13803

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-marker’ parameter in all versions up to, and including, 5.2.3 due to insufficient input sanitization and output escaping. This makes it possib...

6.4CVSS5.8AI score0.00446EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/27 2:34 p.m.20 views

CVE-2025-26871

Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through = 4.8.3...

8.8CVSS7.2AI score0.00375EPSS
Exploits0References1
NVD
NVD
added 2025/02/26 1:15 p.m.18 views

CVE-2024-13803

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-marker’ parameter in all versions up to, and including, 5.2.3 due to insufficient input sanitization and output escaping. This makes it possib...

6.4CVSS0.00446EPSS
Exploits0References3
OSV
OSV
added 2025/02/26 1:15 p.m.6 views

CVE-2024-13803

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-marker’ parameter in all versions up to, and including, 5.2.3 due to insufficient input sanitization and output escaping. This makes it possib...

5.4CVSS5.9AI score0.00446EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/26 7:1 a.m.29 views

CVE-2024-13803 Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 5.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-marker’ parameter in all versions up to, and including, 5.2.3 due to insufficient input sanitization and output escaping. This makes it possib...

6.4CVSS0.00446EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/02/26 7:1 a.m.11 views

CVE-2024-13803 Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 5.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-marker’ parameter in all versions up to, and including, 5.2.3 due to insufficient input sanitization and output escaping. This makes it possib...

6.4CVSS5.8AI score0.00446EPSS
Exploits0References3
CVE
CVE
added 2025/02/26 7:1 a.m.75 views

CVE-2024-13803

CVE-2024-13803 concerns the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates, affecting all versions up to 5.2.3. The vulnerability is a Stored Cross-Site Scripting via the data-marker parameter, caused by insufficient input sanitization and output escaping....

6.4CVSS5.8AI score0.00446EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/26 12:0 a.m.5 views

PT-2025-8684 · WordPress · The Essential Blocks – Page Builder Gutenberg Blocks

Name of the Vulnerable Software and Affected Versions: The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress versions up to, and including, 5.2.3 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and...

6.4CVSS8.1AI score0.00446EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.5 views

WordPress plugin Essential Blocks 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS7.8AI score0.00446EPSS
Exploits0References4
Rows per page
Query Builder