11 matches found
EUVD-2026-20783
The Post Blocks & Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sliderStyle' block attribute in the Posts Slider block in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...
CVE-2026-5711
The Post Blocks & Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sliderStyle' block attribute in the Posts Slider block in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...
CVE-2026-5711 Post Blocks & Tools <= 1.3.0 - Authenticated (Author+) Stored Cross-Site Scripting via 'sliderStyle' Block Attribute
The Post Blocks & Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sliderStyle' block attribute in the Posts Slider block in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...
CVE-2026-5711 Post Blocks & Tools <= 1.3.0 - Authenticated (Author+) Stored Cross-Site Scripting via 'sliderStyle' Block Attribute
The Post Blocks & Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sliderStyle' block attribute in the Posts Slider block in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...
WordPress Gosign - Posts Slider Block plugin <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
WordPress Gosign - Posts Slider Block plugin = 1.1.0 - Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Nishiv - Developer in WordPress Plugin Gosign – Posts Slider Block versions = 1.1.0...
EUVD-2025-9160
Malicious code in bioql PyPI...
CVE-2025-31891
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gosign Gosign – Posts Slider Block gosign-posts-slider-block allows Stored XSS.This issue affects Gosign – Posts Slider Block: from n/a through = 1.1.0...
CVE-2025-31891
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gosign Gosign – Posts Slider Block gosign-posts-slider-block allows Stored XSS.This issue affects Gosign – Posts Slider Block: from n/a through = 1.1.0...
CVE-2025-31891 WordPress Gosign – Posts Slider Block plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gosign Gosign – Posts Slider Block allows Stored XSS. This issue affects Gosign – Posts Slider Block: from n/a through 1.1.0...
PT-2025-14266 · Unknown · Gosign – Posts Slider Block
Name of the Vulnerable Software and Affected Versions: Gosign – Posts Slider Block versions 1.1.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This enables potential attackers...
WordPress plugin Gosign 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...