11 matches found
WordPress Gotham Block Extra Light plugin cross-site scripting vulnerability
The WordPress Gotham Block Extra Light plugin is a tool for detecting if ad blocking software such as AdBlock is enabled in a visitor's browser. The WordPress Gotham Block Extra Light plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective...
CVE-2025-15020
The Gotham Block Extra Light plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.5.0 via the 'ghostban' shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to read the contents of arbitrary files on...
WordPress Gotham Block Extra Light plugin <= 1.5.0 - Authenticated (Contributor+) Arbitrary File Read via 'ghostban' Shortcode vulnerability
Authenticated Contributor+ Arbitrary File Read via 'ghostban' Shortcode vulnerability discovered by 0x34rth in WordPress Plugin Gotham Block Extra Light versions = 1.5.0...
CVE-2025-15020
The Gotham Block Extra Light plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.5.0 via the 'ghostban' shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to read the contents of arbitrary files on...
CVE-2025-15021
The Gotham Block Extra Light plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
CVE-2025-15021 Gotham Block Extra Light <= 1.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings
The Gotham Block Extra Light plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
CVE-2025-15020 Gotham Block Extra Light <= 1.5.0 - Authenticated (Contributor+) Arbitrary File Read via 'ghostban' Shortcode
The Gotham Block Extra Light plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.5.0 via the 'ghostban' shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to read the contents of arbitrary files on...
CVE-2025-15020
CVE-2025-15020 affects the WordPress plugin Gotham Block Extra Light
WordPress plugin Gotham Block Extra Light 跨站脚本漏洞
The WordPress Gotham Block Extra Light plugin is a tool for detecting if ad blocking software such as AdBlock is enabled in a visitor's browser. The WordPress Gotham Block Extra Light plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective...
WordPress plugin Gotham Block Extra Light 路径遍历漏洞
The WordPress Gotham Block Extra Light plugin is a tool for detecting if ad blocking software such as AdBlock is enabled in a visitor's browser. A path traversal vulnerability exists in the WordPress Gotham Block Extra Light plugin, which stems from the mishandling of the ghostban shortcode, and...
PT-2026-2821
The Gotham Block Extra Light plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...