WordPress BlockSpare — News, Magazine and Blog Addons for (Gutenberg) Block Editor plugin <= 3.2.6 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Blockspare versions = 3.2.6...

WordPress Blockspare plugin <= 3.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Francesco Carlucci in WordPress Plugin Blockspare versions = 3.2.4...

WordPress Blockspare plugin sensitive information insertion vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress Blockspare plugin suffers from a sensitive information insertion vulnerability that originates from inserting sensitive information in sent data, which can be...

CVE-2025-62026

Insertion of Sensitive Information Into Sent Data vulnerability in Blockspare Blockspare blockspare allows Retrieve Embedded Sensitive Data.This issue affects Blockspare: from n/a through = 3.2.13.2...

EUVD-2025-35382

Insertion of Sensitive Information Into Sent Data vulnerability in Blockspare Blockspare blockspare allows Retrieve Embedded Sensitive Data.This issue affects Blockspare: from n/a through = 3.2.13.2...

CVE-2025-62026

Insertion of Sensitive Information Into Sent Data vulnerability in Blockspare Blockspare blockspare allows Retrieve Embedded Sensitive Data.This issue affects Blockspare: from n/a through = 3.2.13.2...

CVE-2025-62026

CVE-2025-62026 refers to a Blockspare WordPress plugin vulnerability (

CVE-2025-62026 WordPress Blockspare plugin <= 3.2.13.2 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Blockspare Blockspare blockspare allows Retrieve Embedded Sensitive Data.This issue affects Blockspare: from n/a through = 3.2.13.2...

CVE-2025-62026 WordPress Blockspare plugin <= 3.2.13.2 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Blockspare Blockspare blockspare allows Retrieve Embedded Sensitive Data.This issue affects Blockspare: from n/a through = 3.2.13.2...

WordPress plugin Blockspare 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress Blockspare plugin suffers from a sensitive information insertion vulnerability that originates from inserting sensitive information in sent data, which can be...

WordPress Blockspare plugin <= 3.2.13.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Abu Hurayra in WordPress Plugin Blockspare versions = 3.2.13.2...

EUVD-2024-42399

Malicious code in bioql PyPI...

EUVD-2024-49093

Malicious code in bioql PyPI...

EUVD-2025-13828

Malicious code in bioql PyPI...

EUVD-2024-40091

Malicious code in bioql PyPI...

WordPress Blockspare plugin cross-site scripting vulnerability

WordPress Blockspare plugin is a visual page builder plugin for WordPress that focuses on simplifying the website building process through drag and drop operations. WordPress Blockspare plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective...

CVE-2025-4684

The BlockSpare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites – Post Grids, Sliders, Carousels, Counters, Page Builder & Starter Site Imports, No Coding Needed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTML attributes of Image Carousel and Image...

CVE-2025-4684

CVE-2025-4684 affects the WordPress plugin BlockSpare (Gutenberg Blocks & Patterns) up to version 3.2.13.1. The vulnerability is a Stored Cross‑Site Scripting flaw stemming from insufficient input sanitization and output escaping in the HTML attributes of the Image Carousel and Image Slider widge...

CVE-2025-4684 BlockSpare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites <= 3.2.13.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Carousel and Image Slider Widgets

The BlockSpare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites – Post Grids, Sliders, Carousels, Counters, Page Builder & Starter Site Imports, No Coding Needed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTML attributes of Image Carousel and Image...

PT-2025-31625 · WordPress · The Blockspare +1

Name of the Vulnerable Software and Affected Versions: The BlockSpare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites – Post Grids, Sliders, Carousels, Counters, Page Builder & Starter Site Imports, No Coding Needed plugin for WordPress versions through 3.2.13.1 Description: The...