Lucene search
K

52 matches found

CNVD
CNVD
added 2025/06/27 12:0 a.m.3 views

WordPress Enhanced Blocks - Page Builder Blocks for Gutenberg plugin Improper Access Control Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An improper access control vulnerability exists in WordPress Enhanced Blocks - Page Builder Blocks for Gutenberg plugin, which stems from a lack of authorization, and no detaile...

6.5CVSS6.2AI score0.00269EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/25 12:0 a.m.5 views

PT-2025-7830 · Unknown · Essential Blocks For Gutenberg

Name of the Vulnerable Software and Affected Versions: Essential Blocks for Gutenberg versions through 4.8.3 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For Essential...

8.8CVSS9.5AI score0.00375EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/02/22 4:16 p.m.6 views

WordPress Essential Blocks plugin <= 4.8.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Essential Blocks for Gutenberg versions = 4.8.3...

8.8CVSS7AI score0.00375EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/12/09 1:15 p.m.4 views

CVE-2023-47760

Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through 4.2.0...

8.8CVSS5.8AI score0.00393EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.7 views

WordPress plugin Essential Blocks for Gutenberg 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...

8.8CVSS8.7AI score0.00575EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/02 9:31 a.m.38 views

CVE-2024-8282 Ibtana – WordPress Website Builder <= 1.2.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Attribute

The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ attribute within the 'wp:ive/ive-productscarousel' Gutenberg block in all versions up to, and including, 1.2.4.4 due to insufficient input sanitization and output escaping. Thi...

6.4CVSS0.00311EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/07/20 8:29 a.m.32 views

CVE-2024-37948 WordPress Caxton – Create Pro page layouts in Gutenberg plugin <= 1.30.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in PootlePress Caxton – Create Pro page layouts in Gutenberg allows Stored XSS.This issue affects Caxton – Create Pro page layouts in Gutenberg: from n/a through 1.30.1...

6.5CVSS0.00253EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/20 12:0 a.m.6 views

PT-2024-28126 · Unknown · Post Layouts For Gutenberg

Name of the Vulnerable Software and Affected Versions: Post Layouts for Gutenberg versions 1.2.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendation...

6.5CVSS5.3AI score0.0032EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/07/10 2:39 p.m.3 views

WordPress Post Layouts for Gutenberg plugin <= 1.2.10 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SouzaZinn Patchstack Alliance in WordPress Plugin Post Layouts for Gutenberg versions = 1.2.10...

6.5CVSS6.1AI score0.0032EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/04 11:37 a.m.4 views

WordPress Gutenberg plugin <= 18.6.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Gutenberg versions = 18.6.0...

6.5CVSS6.1AI score0.00285EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/04 12:0 a.m.9 views

WordPress Gutenberg Plugin <= 18.6.0 is vulnerable to Cross Site Scripting (XSS)

Software Gutenberg Type Plugin Vulnerable versions = 18.6.0 Fixed in 18.6.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37492 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 17657928ee30 Credits Rafie Muhammad Patchstack Required privile...

6.5CVSS6.6AI score0.00285EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/05/20 12:0 a.m.16 views

WordPress Essential Blocks for Gutenberg Plugin <= 4.5.12 is vulnerable to Cross Site Scripting (XSS)

Software Essential Blocks for Gutenberg Type Plugin Vulnerable versions = 4.5.12 Fixed in 4.5.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4891 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d396af2a43d0 Credits João...

6.4CVSS5.8AI score0.00468EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2024/04/09 6:59 p.m.54 views

CVE-2023-6964

CVE-2023-6964 affects Gutenberg Blocks by Kadence Blocks – Page Builder Features for WordPress (all versions up to 3.1.26). It enables Server-Side Request Forgery via the kadence_import_get_new_connection_data AJAX action, allowing authenticated attackers with contributor+ access to issue web req...

8.5CVSS6.4AI score0.00363EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/03/06 11:9 a.m.39 views

BIT-WORDPRESS-2023-38000 Auth. Stored Cross-Site Scripting (XSS) vulnerability in WordPress core and Gutenberg plugin via Navigation Links Block

Auth. Stored contributor+ Cross-Site Scripting XSS vulnerability in WordPress core 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.1.3, from 6.0 through 6.0.5, from 5.9 through 5.9.7 and Gutenberg plugin = 16.8.0 versions...

6.5CVSS5.6AI score0.00788EPSS
Exploits1References4
OSV
OSV
added 2024/03/06 11:8 a.m.23 views

BIT-WORDPRESS-MULTISITE-2023-38000 Auth. Stored Cross-Site Scripting (XSS) vulnerability in WordPress core and Gutenberg plugin via Navigation Links Block

Auth. Stored contributor+ Cross-Site Scripting XSS vulnerability in WordPress core 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.1.3, from 6.0 through 6.0.5, from 5.9 through 5.9.7 and Gutenberg plugin = 16.8.0 versions...

6.5CVSS5.6AI score0.00788EPSS
Exploits1References4
Patchstack
Patchstack
added 2024/02/28 12:0 a.m.12 views

WordPress Essential Blocks for Gutenberg Plugin <= 4.5.1 is vulnerable to Cross Site Scripting (XSS)

Software Essential Blocks for Gutenberg Type Plugin Vulnerable versions = 4.5.1 Fixed in 4.5.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1854 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5f950450ff21 Credits WordFence...

6.4CVSS5.8AI score0.00427EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/10/13 10:15 a.m.1 views

DEBIAN-CVE-2023-38000

Auth. Stored contributor+ Cross-Site Scripting XSS vulnerability in WordPress core 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.1.3, from 6.0 through 6.0.5, from 5.9 through 5.9.7 and Gutenberg plugin = 16.8.0 versions...

5.4CVSS6.5AI score0.00788EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2023/10/13 10:15 a.m.126 views

CVE-2023-38000

Auth. Stored contributor+ Cross-Site Scripting XSS vulnerability in WordPress core 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.1.3, from 6.0 through 6.0.5, from 5.9 through 5.9.7 and Gutenberg plugin = 16.8.0 versions...

6.5CVSS6.7AI score0.00788EPSS
Exploits1References5
Prion
Prion
added 2023/10/13 10:15 a.m.58 views

Cross site scripting

Auth. Stored contributor+ Cross-Site Scripting XSS vulnerability in WordPress core 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.1.3, from 6.0 through 6.0.5, from 5.9 through 5.9.7 and Gutenberg plugin = 16.8.0 versions...

4.9CVSS5.3AI score0.00788EPSS
Exploits1References3Affected Software2
OSV
OSV
added 2023/10/13 10:15 a.m.2 views

UBUNTU-CVE-2023-38000

Auth. Stored contributor+ Cross-Site Scripting XSS vulnerability in WordPress core 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.1.3, from 6.0 through 6.0.5, from 5.9 through 5.9.7 and Gutenberg plugin = 16.8.0 versions...

6.5CVSS5.8AI score0.00788EPSS
Exploits1References6
Rows per page
Query Builder