EUVD-2024-22234

Malicious code in bioql PyPI...

CVE-2025-55713

Blocksy WordPress theme versions through 2.1.6 are affected by an Improper neutralization of input during web page generation, resulting in Stored Cross-Site Scripting (XSS). The vulnerability affects the Blocksy frontend when handling user-supplied data without adequate escaping, per PT-2025-334...

WordPress Blocksy Theme <= 2.1.6 is vulnerable to Cross Site Scripting (XSS)

Software Blocksy Type Theme Vulnerable versions = 2.1.6 Fixed in 2.1.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-55713 Patch priority Low CVSS severity Low 5.9 Developer Creative Themes PSID 05f50ffb9258 Credits savphill Required privilege Shop manager...

CVE-2024-32961

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in creativethemeshq Blocksy blocksy.This issue affects Blocksy: from n/a through = 2.0.33...

CVE-2025-47465

Missing Authorization vulnerability in creativethemeshq Blocksy blocksy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Blocksy: from n/a through = 2.0.97...

CVE-2025-47465 WordPress Blocksy theme <= 2.0.97 - Broken Access Control Vulnerability

Missing Authorization vulnerability in creativethemeshq Blocksy blocksy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Blocksy: from n/a through = 2.0.97...

CVE-2024-37469

Cross-Site Request Forgery CSRF vulnerability in creativethemeshq Blocksy blocksy allows Cross Site Request Forgery.This issue affects Blocksy: from n/a through = 2.0.22...

PT-2024-25009 · Blocksy · Blocksy

Name of the Vulnerable Software and Affected Versions: Blocksy versions 2.0.33 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks. Recommendations: For versions 2.0.33...