CVE-2025-49903 WordPress ZoloBlocks plugin <= 2.3.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in bdthemes ZoloBlocks zoloblocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ZoloBlocks: from n/a through = 2.3.11...

CVE-2025-58230

ZoloBlocks (WordPress plugin) has a DOM-based XSS vulnerability caused by improper input neutralization during Web Page Generation. Affected versions are listed as up to 2.3.9 in the CVE description, with connected sources indicating a later patched state (≤ 2.3.12). Exploitation details are not ...