Lucene search
K

7 matches found

CVE
CVE
added 2026/06/08 11:23 a.m.27 views

CVE-2026-3011

CVE-2026-3011 - Recipe Card Blocks Lite (WordPress) Vulnerability: Stored Cross-Site Scripting in the Recipe Card Blocks Lite plugin for WordPress, affecting all versions up to 3.4.13. Affected component: WPZOOM Recipe Card Blocks Lite plugin for WordPress (block-based recipe card feature). Root ...

6.4CVSS5.7AI score0.00206EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/08 11:23 a.m.9 views

CVE-2026-3011 Recipe Card Blocks Lite <= 3.4.13 - Authenticated (Author+) Stored Cross-Site Scripting via 'summary' and 'notes'

The Recipe Card Blocks Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the recipe block's 'summary' and 'notes' attributes in all versions up to, and including, 3.4.13. This is due to the 'WPZOOMHelpers::deserializeblockattributes' method converting unicode-encoded...

6.4CVSS5.7AI score0.00206EPSS
Exploits0References6
Patchstack
Patchstack
added 2026/06/07 12:0 a.m.12 views

WordPress Recipe Card Blocks Lite plugin <= 3.4.13 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by ? in WordPress Plugin Recipe Card Blocks for Gutenberg & Elementor versions = 3.4.13...

6.4CVSS5.4AI score0.00206EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/27 9:23 a.m.14 views

CVE-2025-14973

The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks...

6.8CVSS5.9AI score0.00313EPSS
Exploits0References1
NVD
NVD
added 2026/01/26 7:16 a.m.9 views

CVE-2025-14973

The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks...

6.8CVSS0.00313EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/26 6:0 a.m.4 views

CVE-2025-14973

The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks...

6.8CVSS5.9AI score0.00313EPSS
Exploits0References1
CVE
CVE
added 2026/01/26 6:0 a.m.19 views

CVE-2025-14973

The CVE-2025-14973 entry concerns the WordPress plugin Recipe Card Blocks Lite, vulnerable to SQL injection due to improper sanitization/escaping of a parameter before using it in a SQL statement. Affected versions are before 3.4.13, and exploitation is possible by users with Contributor+ privile...

6.8CVSS5.7AI score0.00313EPSS
Exploits0References1
Rows per page
Query Builder