Lucene search
K

98 matches found

Patchstack
Patchstack
added 2026/03/05 10:31 p.m.6 views

WordPress Greenshift - animation and page builder blocks plugin <= 12.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

WordPress Greenshift - animation and page builder blocks plugin = 12.8.5 - Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by WordFence in WordPress Plugin Greenshift versions = 12.8.5...

6.4CVSS5.9AI score0.00197EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/03/05 10:16 p.m.6 views

CVE-2026-2593

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the gspbpostcss post meta value and the dynamicAttributes block attribute in all versions up to, and including, 12.8.5 due to insufficient input sanitization and output escapin...

6.4CVSS0.00197EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/05 9:24 p.m.3 views

CVE-2026-2593

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the gspbpostcss post meta value and the dynamicAttributes block attribute in all versions up to, and including, 12.8.5 due to insufficient input sanitization and output escapin...

6.4CVSS6AI score0.00197EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/05 9:24 p.m.29 views

CVE-2026-2593 Greenshift – animation and page builder blocks <= 12.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the gspbpostcss post meta value and the dynamicAttributes block attribute in all versions up to, and including, 12.8.5 due to insufficient input sanitization and output escapin...

6.4CVSS0.00197EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.3 views

PT-2026-23519

Name of the Vulnerable Software and Affected Versions Greenshift – animation and page builder blocks plugin for WordPress versions through 12.8.5 Description The Greenshift plugin for WordPress is susceptible to Stored Cross-Site Scripting. The issue stems from inadequate input sanitization and...

6.4CVSS5.8AI score0.00197EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.14 views

PT-2026-23575

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 12.8.3 via the automated Settings Backup stored in a publicly accessible file. This makes it possible for unauthenticated attackers to...

5.3CVSS5.9AI score0.00239EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.7 views

WordPress plugin Greenshift – animation and page builder blocks 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.4CVSS5.7AI score0.00197EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/06 1:30 p.m.14 views

CVE-2026-1927

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the greenshiftapppassvalidation function in all versions up to, and including, 12.6. This makes it possible for authenticated attackers, with...

5.4CVSS6AI score0.00186EPSS
Exploits0References1
NVD
NVD
added 2026/02/05 2:16 p.m.10 views

CVE-2026-1927

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the greenshiftapppassvalidation function in all versions up to, and including, 12.6. This makes it possible for authenticated attackers, with...

5.4CVSS0.00186EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/05 1:27 p.m.7 views

EUVD-2026-5554

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the greenshiftapppassvalidation function in all versions up to, and including, 12.5.7. This makes it possible for authenticated attackers, with...

4.3CVSS5.4AI score0.00186EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/05 1:27 p.m.33 views

CVE-2026-1927 GreenShift - Animation and Page Builder Blocks <= 12.6 - Missing Authorization to Authenticated (Subscriber+) Information Disclosure of AI API Keys and Stored Cross-Site Scripting via custom_css

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the greenshiftapppassvalidation function in all versions up to, and including, 12.6. This makes it possible for authenticated attackers, with...

5.4CVSS0.00186EPSS
Exploits0References3
CVE
CVE
added 2026/02/05 1:27 p.m.24 views

CVE-2026-1927

CVE-2026-1927 affects the Greenshift – animation and page builder blocks plugin for WordPress (versions up to and including 12.5.7). The root cause is a missing capability check in the greenshift_app_pass_validation() function, allowing authenticated attackers with Subscriber-level access and abo...

5.4CVSS6AI score0.00186EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/05 1:27 p.m.4 views

CVE-2026-1927

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the greenshiftapppassvalidation function in all versions up to, and including, 12.6. This makes it possible for authenticated attackers, with...

5.4CVSS6AI score0.00186EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/02/05 8:43 a.m.9 views

WordPress GreenShift - Animation and Page Builder Blocks plugin <= 12.5.7 - Authenticated (Subscriber+) Information Disclosure of AI API Keys vulnerability

WordPress GreenShift - Animation and Page Builder Blocks plugin = 12.5.7 - Authenticated Subscriber+ Information Disclosure of AI API Keys vulnerability discovered by ISMAILSHADOW in WordPress Plugin Greenshift versions = 12.5.7...

4.3CVSS5.3AI score0.00186EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/02/05 12:0 a.m.7 views

WordPress plugin Greenshift 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

5.4CVSS5.8AI score0.00186EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/05 12:0 a.m.18 views

PT-2026-6555

Name of the Vulnerable Software and Affected Versions Greenshift – animation and page builder blocks plugin for WordPress versions through 12.5.7 Description The plugin is susceptible to unauthorized data access because of a missing capability check within the greenshift app pass validation...

4.3CVSS5.4AI score0.00186EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/11/05 2:13 a.m.4 views

CVE-2025-11841

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Chart Data attributes in all versions up to, and including, 12.2.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5AI score0.00176EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/11/04 4:45 a.m.7 views

WordPress Greenshift plugin <= 12.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Chart Data Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Chart Data Attributes vulnerability discovered by Webbernaut in WordPress Plugin Greenshift versions = 12.2.7...

6.4CVSS5.8AI score0.00176EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/11/04 1:50 a.m.17 views

CVE-2025-11841

CVE-2025-11841 (Greenshift – animation and page builder blocks) affects Greenshift for WordPress up to and including version 12.2.7. The vulnerability is a stored XSS via Chart Data attributes caused by insufficient input sanitization and output escaping. It requires authenticated access at Contr...

6.4CVSS4.7AI score0.00176EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.9 views

PT-2025-44914

Name of the Vulnerable Software and Affected Versions Greenshift – animation and page builder blocks versions up to and including 12.2.7 Description The Greenshift plugin for WordPress is susceptible to Stored Cross-Site Scripting through the Chart Data attributes. Insufficient input sanitization...

6.4CVSS5.2AI score0.00176EPSS
Exploits0References5
Rows per page
Query Builder