10 matches found
CVE-2025-68605 WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.23 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Stored XSS. This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.3.23...
PT-2025-53292
Name of the Vulnerable Software and Affected Versions: PickPlugins Post Grid and Gutenberg Blocks versions through 2.3.18. Description: The Post Grid and Gutenberg Blocks software contains a flaw due to improper input neutralization during web page generation, leading to a potential cross-site...
CVE-2021-39165
Cachet is an open source status page. With Cachet prior to and including 2.3.18, there is a SQL injection which is in the `SearchableTrait#scopeSearch()`. Attackers without authentication can utilize this vulnerability to exfiltrate sensitive data from the database such as administrator's password and...
CVE-2024-50655
emlog pro =2.3.18 is vulnerable to Cross Site Scripting (XSS), which allows attackers to write malicious JavaScript code in published articles...
CVE-2022-29236
BigBlueButton is an open source web conferencing system. Starting in version 2.2 and prior to versions 2.3.18 and 2.4-rc-6, an attacker can circumvent access restrictions for drawing on the whiteboard. The permission check is inadvertently skipped on the server, due to a previously introduced gra...
CVE-2022-29236 Improper access control for pencil annotations in BigBlueButton
BigBlueButton is an open source web conferencing system. Starting in version 2.2 and prior to versions 2.3.18 and 2.4-rc-6, an attacker can circumvent access restrictions for drawing on the whiteboard. The permission check is inadvertently skipped on the server, due to a previously introduced gra...
GHSA-79MG-4W23-4FQC Unauthenticated SQL Injection in Cachet
Impact: In Cachet versions through 2.3.18, there is a SQL injection which is in the `SearchableTrait#scopeSearch()`. Attackers without authentication can utilize this vulnerability to exfiltrate sensitive data from the database such as administrator's password and session. Patches: The original reposito...
Github Cachet SQL injection vulnerability
Github Cachet is an open source status page system. A SQL injection vulnerability exists in versions prior to Cachet 2.3.18, which can be exploited by unauthenticated attackers to steal sensitive data such as administrator passwords and sessions from the database...
Jenkins Credentials Plugin cross-site scripting vulnerability
CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the US company CloudBees. The product is mainly used to monitor continuous software release/testing projects and to run scheduled tasks. A cross-site scripting...