Lucene search
K

617 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.10 views

CVE-2022-0447

The Post Grid WordPress plugin before 2.1.16 does not sanitise and escape the posttypes parameter before outputting it back in the response of the postgridupdatetaxonomiestermsbyposttypes AJAX action, available to any authenticated users, leading to a Reflected Cross-Site Scripting...

6.4CVSS6.4AI score0.00632EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:13 a.m.20 views

CVE-2024-2503

The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Grid Widget in all versions up to, and including, 2.6.9.2 due to insufficient input sanitization and output escaping on user supplied tags. This makes it possible for authenticated...

6.4CVSS5.5AI score0.00434EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.6 views

WordPress Post Grid, Slider & Carousel Ultimate plugin <= 1.6.10 - Authenticated (Contributor+) Local File Inclusion vulnerability

Authenticated Contributor+ Local File Inclusion vulnerability discovered by zaim in WordPress Plugin Post Grid, Slider & Carousel Ultimate versions = 1.6.10...

8.8CVSS5.3AI score0.00582EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.4 views

WordPress Post Grid, Slider & Carousel Ultimate - with Shortcode, Gutenberg Block & Elementor Widget plugin <= 1.6.10 - Authenticated (Contributor+) Local File Inclusion via post_type_ajax_handler() vulnerability

WordPress Post Grid, Slider & Carousel Ultimate - with Shortcode, Gutenberg Block & Elementor Widget plugin = 1.6.10 - Authenticated Contributor+ Local File Inclusion via posttypeajaxhandler vulnerability discovered by Hiroho Shimada in WordPress Plugin Post Grid, Slider & Carousel Ultimate...

8.8CVSS5.5AI score0.00842EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/25 1:23 p.m.5 views

CVE-2025-68605

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Stored XSS.This issue affects Post Grid and Gutenberg Blocks: from n/a through = 2.3.23...

6.5CVSS5.9AI score0.00133EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/24 3:30 p.m.4 views

EUVD-2025-205231

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Stored XSS.This issue affects Post Grid and Gutenberg Blocks: from n/a through = 2.3.18...

5.4CVSS5.5AI score0.00133EPSS
Exploits0References2
NVD
NVD
added 2025/12/24 1:16 p.m.6 views

CVE-2025-68605

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Stored XSS.This issue affects Post Grid and Gutenberg Blocks: from n/a through = 2.3.23...

6.5CVSS0.00133EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/24 1:10 p.m.35 views

CVE-2025-68605 WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.23 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Stored XSS.This issue affects Post Grid and Gutenberg Blocks: from n/a through = 2.3.23...

6.5CVSS0.00133EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/24 1:10 p.m.6 views

CVE-2025-68605 WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.23 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Stored XSS.This issue affects Post Grid and Gutenberg Blocks: from n/a through = 2.3.23...

6.5CVSS5.2AI score0.00133EPSS
Exploits0References1
CVE
CVE
added 2025/12/24 1:10 p.m.13 views

CVE-2025-68605

CVE-2025-68605 concerns the WordPress Post Grid and Post Grid Gutenberg Blocks. The connected Wordfence details confirm a Stored XSS issue in Post Grid and Gutenberg Blocks versions up to 2.3.x (the CVE entry references 2.3.21 as a ceiling in the vulnerability listing). The description indicates ...

6.5CVSS5.9AI score0.00133EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.5 views

WordPress plugin Post Grid and Gutenberg Blocks 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

6.5CVSS5.9AI score0.00133EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.6 views

PT-2025-53292

Name of the Vulnerable Software and Affected Versions PickPlugins Post Grid and Gutenberg Blocks versions through 2.3.18 Description The Post Grid and Gutenberg Blocks software contains a flaw due to improper input neutralization during web page generation, leading to a potential cross-site...

5.4CVSS5.2AI score0.00133EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/22 2:35 a.m.7 views

CVE-2025-12980

The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the '/ultp/v2/getdynamiccontent/' REST API endpoint in all versions up to, and including, 5.0.3. This makes it possible...

7.5CVSS5.5AI score0.00277EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/21 3:31 a.m.8 views

EUVD-2025-204648

The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the '/ultp/v2/getdynamiccontent/' REST API endpoint in all versions up to, and including, 5.0.3. This makes it possible...

7.5CVSS5AI score0.00277EPSS
Exploits0References3
NVD
NVD
added 2025/12/21 3:15 a.m.12 views

CVE-2025-12980

The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the '/ultp/v2/getdynamiccontent/' REST API endpoint in all versions up to, and including, 5.0.3. This makes it possible...

7.5CVSS0.00277EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/21 2:20 a.m.3 views

CVE-2025-12980 Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX <= 5.0.3 - Missing Authorization to Unauthenticated Sensitive Information Exposure

The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the '/ultp/v2/getdynamiccontent/' REST API endpoint in all versions up to, and including, 5.0.3. This makes it possible...

7.5CVSS5.1AI score0.00277EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/21 2:20 a.m.26 views

CVE-2025-12980 Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX <= 5.0.3 - Missing Authorization to Unauthenticated Sensitive Information Exposure

The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the '/ultp/v2/getdynamiccontent/' REST API endpoint in all versions up to, and including, 5.0.3. This makes it possible...

7.5CVSS0.00277EPSS
Exploits0References2
CVE
CVE
added 2025/12/21 2:20 a.m.27 views

CVE-2025-12980

CVE-2025-12980 affects the WordPress plugin Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX . The vulnerability is a Missing Authorization to Unauthenticated Sensitive Information Exposure via the REST endpoint /ultp/v2/get_dynamic_content/ in all versions up to 5.0.3, enabl...

7.5CVSS5.1AI score0.00277EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/12/21 1:59 a.m.6 views

WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.23 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Post Grid and Gutenberg Blocks versions = 2.3.23...

5.4CVSS5.9AI score0.00133EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/12/21 12:0 a.m.6 views

WordPress plugin Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin Post...

7.5CVSS6.4AI score0.00277EPSS
Exploits0References3
Rows per page
Query Builder