WordPress Getwid plugin <= 2.0.10 - Missing Authorization to Google API key update vulnerability

Missing Authorization to Google API key update vulnerability discovered by Peter Thaleikis in WordPress Plugin Getwid versions = 2.0.10...

CVE-2025-58252

CVE-2025-58252 affects Getwid (WordPress Getwid plugin) up to version 2.1.2. Reported as an authenticated issue (Contributor+) describing an Insertion of Sensitive Information Into Sent Data vulnerability that enables retrieval of embedded sensitive data from Getwid (Getwid – Gutenberg Blocks). C...

WordPress Getwid – Gutenberg Blocks plugin <= 2.0.12 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin Getwid versions = 2.0.12...

WordPress Getwid – Gutenberg Blocks Plugin <= 2.0.7 is vulnerable to Cross Site Scripting (XSS)

Software Getwid – Gutenberg Blocks Type Plugin Vulnerable versions = 2.0.7 Fixed in 2.0.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3588 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9599eeb54223 Credits Webbernaut...

WordPress Getwid – Gutenberg Blocks Plugin <= 1.8.3 is vulnerable to Broken Access Control

Software Getwid – Gutenberg Blocks Type Plugin Vulnerable versions = 1.8.3 Fixed in 1.8.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-1910 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID bae53bb70dd5 Credits Ramuel Gall...