PT-2026-33919

The Responsive Blocks – Page Builder for Blocks & Patterns plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.2.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticat...

EUVD-2024-30612

Malicious code in bioql PyPI...

EUVD-2024-16870

Malicious code in bioql PyPI...

CVE-2024-32826

Missing Authorization vulnerability in Vektor,Inc. VK Block Patterns.This issue affects VK Block Patterns: from n/a through 1.31.0...

CVE-2024-0623

The VK Block Patterns plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.31.1.1. This is due to missing or incorrect nonce validation on the vbpclearpatternscache function. This makes it possible for unauthenticated attackers to clear the...

VK Block Patterns < 1.31.1.1 - Missing Authorization

Description The VK Block Patterns plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vbpclearpatternscache function in versions up to, and including, 1.31.0. This makes it possible for unauthenticated attackers to clear the patterns...

CVE-2024-32826

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2024-32826 affecting VK Block Patterns up to 1.31.0 with Missing Authorization.

CVE-2024-32826 WordPress VK Block Patterns plugin <= 1.31.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Vektor,Inc. VK Block Patterns.This issue affects VK Block Patterns: from n/a through 1.31.0...

CVE-2024-32826 WordPress VK Block Patterns plugin <= 1.31.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Vektor,Inc. VK Block Patterns.This issue affects VK Block Patterns: from n/a through 1.31.0...

WordPress plugin VK Block Patterns 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress VK Block Patterns plugin <= 1.31.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin VK Block Patterns versions = 1.31.0...

WordPress VK Block Patterns Plugin <= 1.31.0 is vulnerable to Broken Access Control

Software VK Block Patterns Type Plugin Vulnerable versions = 1.31.0 Fixed in 1.31.1.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32826 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 0e6a476cb12d Credits Mika Required privilege...

CVE-2024-1095 Build & Control Block Patterns – Boost up Gutenberg Editor <= 1.3.5.4 - Missing Authorization

The Build & Control Block Patterns – Boost up Gutenberg Editor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the settingsexport function in all versions up to, and including, 1.3.5.4. This makes it possible for unauthenticated attackers to...

PT-2024-16659 · WordPress · Build & Control Block Patterns – Boost Up Gutenberg Editor

Name of the Vulnerable Software and Affected Versions: The Build & Control Block Patterns – Boost up Gutenberg Editor plugin for WordPress versions up to, and including, 1.3.5.4 Description: The issue is related to unauthorized access of data due to a missing capability check on the settings expo...

WordPress Plugin Build & Control Block Patterns Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

Build & Control Block Patterns – Boost up Gutenberg Editor <= 1.3.5.4 - Missing Authorization

Description The Build & Control Block Patterns – Boost up Gutenberg Editor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the settingsexport function in all versions up to, and including, 1.3.5.4. This makes it possible for unauthenticated...

WordPress Build & Control Block Patterns Plugin <= 1.3.5.4 is vulnerable to Broken Access Control

Software Build & Control Block Patterns Type Plugin Vulnerable versions = 1.3.5.4 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1095 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 22028008ecb3 Credits Francesco...

VK Block Patterns < 1.31.2.0 - Cross-Site Request Forgery

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

WordPress VK Block Patterns Plugin <= 1.31.1.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software VK Block Patterns Type Plugin Vulnerable versions = 1.31.1.1 Fixed in 1.31.2.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-0623 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a3d90060aab6 Credits kodaichodai...

CVE-2024-0623

The VK Block Patterns plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.31.1.1. This is due to missing or incorrect nonce validation on the vbpclearpatternscache function. This makes it possible for unauthenticated attackers to clear the...