Lucene search
+L

617 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:10 a.m.5 views

CVE-2023-32598

Unauth. Reflected Cross-Site Scripting XSS vulnerability in A. R. Jones Featured Image Pro Post Grid plugin = 5.14 versions...

7.1CVSS5.9AI score0.00382EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:44 a.m.8 views

CVE-2023-40211

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid Combo – 36+ Gutenberg Blocks.This issue affects Post Grid Combo – 36+ Gutenberg Blocks: from n/a through 2.2.50...

7.5CVSS7.8AI score0.02025EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:41 a.m.10 views

CVE-2023-39923

Cross-Site Request Forgery CSRF vulnerability in RadiusTheme The Post Grid plugin = 7.2.7 versions...

8.8CVSS7.1AI score0.00208EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:4 a.m.7 views

CVE-2023-6645

The Post Grid Combo – 36+ Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom JS parameter in all versions up to, and including, 2.2.64 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...

6.4CVSS5.8AI score0.00348EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:22 p.m.7 views

CVE-2021-24488

The slider import search feature and tab parameter of the Post Grid WordPress plugin before 2.1.8 settings are not properly sanitised before being output back in the pages, leading to Reflected Cross-Site Scripting issues...

6.1CVSS6.3AI score0.11241EPSS
Exploits5References1
OSV
OSV
added 2025/05/15 8:16 p.m.6 views

CVE-2024-9645

The Post Grid, Posts Slider, Posts Carousel, Post Filter, Post Masonry WordPress plugin before 2.2.93 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform...

5.4CVSS5.8AI score0.00254EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.8 views

CVE-2024-9645 Post Grid and Gutenberg Blocks < 2.2.93 - Contributor+ Stored XSS

The Post Grid, Posts Slider, Posts Carousel, Post Filter, Post Masonry WordPress plugin before 2.2.93 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform...

6AI score0.00254EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/15 8:7 p.m.18 views

CVE-2024-9645 Post Grid and Gutenberg Blocks < 2.2.93 - Contributor+ Stored XSS

The Post Grid, Posts Slider, Posts Carousel, Post Filter, Post Masonry WordPress plugin before 2.2.93 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform...

0.00254EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/05/15 12:0 a.m.5 views

WordPress plugin Post Grid 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS7.7AI score0.00254EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/03/29 11:40 a.m.15 views

CVE-2025-30814

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme The Post Grid the-post-grid allows PHP Local File Inclusion.This issue affects The Post Grid: from n/a through = 7.7.17...

7.5CVSS7.2AI score0.01EPSS
Exploits0References1
NVD
NVD
added 2025/03/27 11:15 a.m.15 views

CVE-2025-30814

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme The Post Grid the-post-grid allows PHP Local File Inclusion.This issue affects The Post Grid: from n/a through = 7.7.17...

7.5CVSS0.01EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/27 10:59 a.m.6 views

WordPress The Post Grid plugin <= 7.7.17 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by LVT-tholv2k in WordPress Plugin The Post Grid versions = 7.7.17...

7.5CVSS7AI score0.01EPSS
Exploits0Affected Software1
CVE
CVE
added 2025/03/27 10:55 a.m.66 views

CVE-2025-30814

CVE-2025-30814 : The Post Grid (The Post Grid) for WordPress is vulnerable to PHP Local File Inclusion via improper filename validation in include/require, leading to a Contributor+ authenticated LFI. Affected: The Post Grid

7.5CVSS7.2AI score0.01EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/27 10:55 a.m.8 views

CVE-2025-30814 WordPress The Post Grid plugin <= 7.7.17 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme The Post Grid the-post-grid allows PHP Local File Inclusion.This issue affects The Post Grid: from n/a through = 7.7.17...

7.5CVSS7.4AI score0.01EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/03/27 12:0 a.m.6 views

PT-2025-13089 · Radiustheme · Radiustheme The Post Grid

Name of the Vulnerable Software and Affected Versions: RadiusTheme The Post Grid versions n/a through 7.7.17 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP...

7.5CVSS9.3AI score0.01EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/27 12:0 a.m.7 views

WordPress plugin The Post Grid 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.5CVSS8.2AI score0.01EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/03/02 7:19 a.m.12 views

CVE-2024-13796

The Post Grid and Gutenberg Blocks – ComboBlocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.6 via the /wp-json/post-grid/v2/getusers REST API This makes it possible for unauthenticated attackers to extract sensitive data includin...

7.5CVSS6.7AI score0.00409EPSS
Exploits0References1
OSV
OSV
added 2025/02/28 5:15 a.m.4 views

CVE-2024-13796

The Post Grid and Gutenberg Blocks – ComboBlocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.6 via the /wp-json/post-grid/v2/getusers REST API This makes it possible for unauthenticated attackers to extract sensitive data includin...

7.5CVSS5.8AI score0.00409EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/28 12:0 a.m.4 views

WordPress plugin Post Grid and Gutenberg Blocks 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

7.5CVSS7.8AI score0.00409EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/02/27 11:19 p.m.8 views

WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.6 - Unauthenticated User Information Exposure vulnerability

Unauthenticated User Information Exposure vulnerability discovered by wesley wcraft in WordPress Plugin Post Grid and Gutenberg Blocks versions = 2.3.6...

7.5CVSS7AI score0.00409EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder