617 matches found
CVE-2023-32598
Unauth. Reflected Cross-Site Scripting XSS vulnerability in A. R. Jones Featured Image Pro Post Grid plugin = 5.14 versions...
CVE-2023-40211
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid Combo – 36+ Gutenberg Blocks.This issue affects Post Grid Combo – 36+ Gutenberg Blocks: from n/a through 2.2.50...
CVE-2023-39923
Cross-Site Request Forgery CSRF vulnerability in RadiusTheme The Post Grid plugin = 7.2.7 versions...
CVE-2023-6645
The Post Grid Combo – 36+ Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom JS parameter in all versions up to, and including, 2.2.64 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...
CVE-2021-24488
The slider import search feature and tab parameter of the Post Grid WordPress plugin before 2.1.8 settings are not properly sanitised before being output back in the pages, leading to Reflected Cross-Site Scripting issues...
CVE-2024-9645
The Post Grid, Posts Slider, Posts Carousel, Post Filter, Post Masonry WordPress plugin before 2.2.93 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform...
CVE-2024-9645 Post Grid and Gutenberg Blocks < 2.2.93 - Contributor+ Stored XSS
The Post Grid, Posts Slider, Posts Carousel, Post Filter, Post Masonry WordPress plugin before 2.2.93 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform...
CVE-2024-9645 Post Grid and Gutenberg Blocks < 2.2.93 - Contributor+ Stored XSS
The Post Grid, Posts Slider, Posts Carousel, Post Filter, Post Masonry WordPress plugin before 2.2.93 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform...
WordPress plugin Post Grid 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2025-30814
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme The Post Grid the-post-grid allows PHP Local File Inclusion.This issue affects The Post Grid: from n/a through = 7.7.17...
CVE-2025-30814
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme The Post Grid the-post-grid allows PHP Local File Inclusion.This issue affects The Post Grid: from n/a through = 7.7.17...
WordPress The Post Grid plugin <= 7.7.17 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by LVT-tholv2k in WordPress Plugin The Post Grid versions = 7.7.17...
CVE-2025-30814
CVE-2025-30814 : The Post Grid (The Post Grid) for WordPress is vulnerable to PHP Local File Inclusion via improper filename validation in include/require, leading to a Contributor+ authenticated LFI. Affected: The Post Grid
CVE-2025-30814 WordPress The Post Grid plugin <= 7.7.17 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme The Post Grid the-post-grid allows PHP Local File Inclusion.This issue affects The Post Grid: from n/a through = 7.7.17...
PT-2025-13089 · Radiustheme · Radiustheme The Post Grid
Name of the Vulnerable Software and Affected Versions: RadiusTheme The Post Grid versions n/a through 7.7.17 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP...
WordPress plugin The Post Grid 安全漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-13796
The Post Grid and Gutenberg Blocks – ComboBlocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.6 via the /wp-json/post-grid/v2/getusers REST API This makes it possible for unauthenticated attackers to extract sensitive data includin...
CVE-2024-13796
The Post Grid and Gutenberg Blocks – ComboBlocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.6 via the /wp-json/post-grid/v2/getusers REST API This makes it possible for unauthenticated attackers to extract sensitive data includin...
WordPress plugin Post Grid and Gutenberg Blocks 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...
WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.6 - Unauthenticated User Information Exposure vulnerability
Unauthenticated User Information Exposure vulnerability discovered by wesley wcraft in WordPress Plugin Post Grid and Gutenberg Blocks versions = 2.3.6...