53 matches found
CVE-2026-3011
The Recipe Card Blocks Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the recipe block's 'summary' and 'notes' attributes in all versions up to, and including, 3.4.13. This is due to the 'WPZOOMHelpers::deserializeblockattributes' method converting unicode-encoded...
CVE-2026-3011
The Recipe Card Blocks Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the recipe block's 'summary' and 'notes' attributes in all versions up to, and including, 3.4.13. This is due to the 'WPZOOMHelpers::deserializeblockattributes' method converting unicode-encoded...
CVE-2026-3011 Recipe Card Blocks Lite <= 3.4.13 - Authenticated (Author+) Stored Cross-Site Scripting via 'summary' and 'notes'
The Recipe Card Blocks Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the recipe block's 'summary' and 'notes' attributes in all versions up to, and including, 3.4.13. This is due to the 'WPZOOMHelpers::deserializeblockattributes' method converting unicode-encoded...
CVE-2026-3011 Recipe Card Blocks Lite <= 3.4.13 - Authenticated (Author+) Stored Cross-Site Scripting via 'summary' and 'notes'
The Recipe Card Blocks Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the recipe block's 'summary' and 'notes' attributes in all versions up to, and including, 3.4.13. This is due to the 'WPZOOMHelpers::deserializeblockattributes' method converting unicode-encoded...
CVE-2026-3011
The Recipe Card Blocks Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the recipe block's 'summary' and 'notes' attributes in all versions up to, and including, 3.4.13. This is due to the 'WPZOOMHelpers::deserializeblockattributes' method converting unicode-encoded...
CVE-2026-3011
CVE-2026-3011 - Recipe Card Blocks Lite (WordPress) Vulnerability: Stored Cross-Site Scripting in the Recipe Card Blocks Lite plugin for WordPress, affecting all versions up to 3.4.13. Affected component: WPZOOM Recipe Card Blocks Lite plugin for WordPress (block-based recipe card feature). Root ...
PT-2026-47275
The Recipe Card Blocks Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the recipe block's 'summary' and 'notes' attributes in all versions up to, and including, 3.4.13. This is due to the 'WPZOOM Helpers::deserialize block attributes' method converting unicode-encoded...
WordPress plugin Recipe Card Blocks Lite 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress Recipe Card Blocks Lite plugin <= 3.4.13 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability
Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by ? in WordPress Plugin Recipe Card Blocks for Gutenberg & Elementor versions = 3.4.13...
CVE-2025-14973
The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks...
WordPress Recipe Card Blocks plugin < 3.4.13 - Contributor+ SQLi vulnerability
Contributor+ SQLi vulnerability discovered by Purachai Phonwisut in WordPress Plugin Recipe Card Blocks for Gutenberg & Elementor versions 3.4.13...
CVE-2025-14973
The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks...
CVE-2025-14973
The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks...
EUVD-2025-206372
The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks...
CVE-2025-14973 Recipe Card Blocks < 3.4.13 - Contributor+ SQLi
The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks...
CVE-2025-14973 Recipe Card Blocks < 3.4.13 - Contributor+ SQLi
The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks...
CVE-2025-14973
The CVE-2025-14973 entry concerns the WordPress plugin Recipe Card Blocks Lite, vulnerable to SQL injection due to improper sanitization/escaping of a parameter before using it in a SQL statement. Affected versions are before 3.4.13, and exploitation is possible by users with Contributor+ privile...
WordPress plugin Recipe Card Blocks Lite has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
EUVD-2025-35389
Missing Authorization vulnerability in WPZOOM Recipe Card Blocks for Gutenberg & Elementor recipe-card-blocks-by-wpzoom.This issue affects Recipe Card Blocks for Gutenberg & Elementor: from n/a through = 3.4.8...
CVE-2025-62019
Missing Authorization vulnerability in WPZOOM Recipe Card Blocks for Gutenberg & Elementor recipe-card-blocks-by-wpzoom.This issue affects Recipe Card Blocks for Gutenberg & Elementor: from n/a through = 3.4.8...