Lucene search
K

1398 matches found

Nuclei
Nuclei
added 8 hours ago22 views

Post Grid <= 2.2.50 - Information Exposure via REST API

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid Combo – 36+ Gutenberg Blocks.This issue affects Post Grid Combo – 36+ Gutenberg Blocks: from n/a through 2.2.50. id: CVE-2023-40211 info: name: Post Grid = 2.2.50 - Information Exposure via REST API...

7.5CVSS7AI score0.02041EPSS
Exploits0References3
NVD
NVD
added 4 days ago7 views

CVE-2026-15286

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to unauthorized post publication in all versions up to, and including, 3.5.32 due to a misconfigured capability check on the 'getitemspermissioncheck' function permission callback of the...

4.3CVSS0.00268EPSS
Exploits0References4
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42795

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to unauthorized post publication in all versions up to, and including, 3.5.32 due to a misconfigured capability check on the 'getitemspermissioncheck' function permission callback of the...

4.3CVSS5.9AI score0.00268EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-15286

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to unauthorized post publication in all versions up to, and including, 3.5.32 due to a misconfigured capability check on the 'getitemspermissioncheck' function permission callback of the...

4.3CVSS5.9AI score0.00268EPSS
Exploits0References5
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-15286 Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.5.32 - Incorrect Authorization to Authenticated (Contributor+) Post Publication

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to unauthorized post publication in all versions up to, and including, 3.5.32 due to a misconfigured capability check on the 'getitemspermissioncheck' function permission callback of the...

4.3CVSS0.00268EPSS
Exploits0References4
NVD
NVD
added 6 days ago7 views

CVE-2026-6740

The Nexter Blocks – Gutenberg Blocks, Page Builder & AI Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'commentIcon' parameter in all versions up to, and including, 4.7.4 due to insufficient input sanitization and output escaping. This makes it possible...

6.4CVSS0.00156EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 4:17 a.m.7 views

CVE-2026-10833

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'configurablePrefix' Block Attribute in all versions up to, and including, 6.1.4 due to insufficient input sanitization and output escaping. This...

6.4CVSS0.00193EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 3:42 a.m.14 views

CVE-2026-10833

The vulnerability concerns the Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress. All versions up to 6.1.4 are affected by a Stored Cross-Site Scripting via the configurablePrefix Block Attribute, caused by insufficient input sanitization and output es...

6.4CVSS6AI score0.00193EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 3:42 a.m.5 views

EUVD-2026-39164

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'configurablePrefix' Block Attribute in all versions up to, and including, 6.1.4 due to insufficient input sanitization and output escaping. This...

6.4CVSS6AI score0.00193EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/25 3:42 a.m.37 views

CVE-2026-10833 Gutenberg Essential Blocks - Page Builder for Gutenberg Blocks & Patterns <= 6.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'configurablePrefix' Block Attribute

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'configurablePrefix' Block Attribute in all versions up to, and including, 6.1.4 due to insufficient input sanitization and output escaping. This...

6.4CVSS0.00193EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/06/24 2:50 p.m.6 views

WordPress Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin <= 6.1.4 - Page Builder for Gutenberg Blocks & Patterns <= 6.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Page Builder for Gutenberg Blocks & Patterns plugin = 6.1.4 - Page Builder for Gutenberg Blocks & Patterns = 6.1.4 - Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Viet Anh Ngo in WordPress Plugin Essential Blocks for Gutenberg versions = 6.1.4...

6.4CVSS5.8AI score0.00193EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/19 4:31 a.m.5 views

CVE-2026-12157

The BetterDocs - Knowledge Base Docs & FAQ Solution for Elementor & Block Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blockId attribute of the betterdocs/category-slate-layout Gutenberg block in versions up to, and including, 4.5.3. This is due to insufficient...

6.4CVSS6AI score0.00212EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.24 views

PT-2026-50837

Name of the Vulnerable Software and Affected Versions BetterDocs - Knowledge Base Docs & FAQ Solution for Elementor & Block Editor versions prior to 4.5.4 Description Stored Cross-Site Scripting occurs via the blockId attribute of the 'betterdocs/category-slate-layout' Gutenberg block. The issue...

6.4CVSS6AI score0.00212EPSS
Exploits0References13
Patchstack
Patchstack
added 2026/06/17 4:14 p.m.7 views

WordPress Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin <= 3.7.5 - Authenticated (Contributor+) Sensitive Information Exposure vulnerability

Authenticated Contributor+ Sensitive Information Exposure vulnerability discovered by se1en in WordPress Plugin Gutenberg Blocks by Kadence Blocks versions = 3.7.5...

4.3CVSS5.3AI score0.00243EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/17 2:17 p.m.13 views

CVE-2026-54808

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Travel WP Travel Gutenberg Blocks allows Blind SQL Injection. This issue affects WP Travel Gutenberg Blocks: from n/a through 3.9.4...

9.3CVSS0.00317EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 1:51 p.m.13 views

EUVD-2026-37713

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Travel WP Travel Gutenberg Blocks allows Blind SQL Injection. This issue affects WP Travel Gutenberg Blocks: from n/a through 3.9.4...

9.3CVSS5.6AI score0.00317EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/06 12:43 a.m.10 views

CVE-2026-10586

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.1.3 via the saveaigeneratedimage function. This makes it possible for authenticated attackers, with Author-level...

7.2CVSS5.6AI score0.00213EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.10 views

CVE-2026-6551

The Timeline Blocks for Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'titleTag' attribute of the timeline-blocks/tb-timeline-blocks block in all versions up to, and including, 1.1.10 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS5.7AI score0.00195EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/05 12:31 a.m.12 views

EUVD-2026-34771

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.1.3 via the saveaigeneratedimage function. This makes it possible for authenticated attackers, with Author-level...

7.2CVSS5.9AI score0.00213EPSS
Exploits0References3
NVD
NVD
added 2026/06/05 12:16 a.m.8 views

CVE-2026-10586

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.1.3 via the saveaigeneratedimage function. This makes it possible for authenticated attackers, with Author-level...

7.2CVSS0.00213EPSS
Exploits0References2
Rows per page
Query Builder