EUVD-2025-4552

Malicious code in bioql PyPI...

EUVD-2025-11113

Malicious code in bioql PyPI...

CVE-2025-26951

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in covertnine C9 Blocks c9-blocks allows DOM-Based XSS.This issue affects C9 Blocks: from n/a through = 1.7.7...

CVE-2025-26951

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in covertnine C9 Blocks c9-blocks allows DOM-Based XSS.This issue affects C9 Blocks: from n/a through = 1.7.7...

CVE-2025-26951 WordPress C9 Blocks plugin <= 1.7.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in covertnine C9 Blocks c9-blocks allows DOM-Based XSS.This issue affects C9 Blocks: from n/a through = 1.7.7...

CVE-2025-26951

CVE-2025-26951 — WordPress (C9 Blocks) XSS : The vulnerability is a DOM-based Cross-Site Scripting flaw in the C9 Blocks plugin for WordPress, caused by improper neutralization of input during web page generation. Affected: C9 Blocks up to version 1.7.7. Impact is described as stored DOM-based XS...

CVE-2025-26951 WordPress C9 Blocks plugin <= 1.7.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in covertnine C9 Blocks c9-blocks allows DOM-Based XSS.This issue affects C9 Blocks: from n/a through = 1.7.7...

PT-2025-16524 · Unknown · Covertnine C9 Blocks

Name of the Vulnerable Software and Affected Versions: covertnine C9 Blocks versions 1.7.7 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This is a type of Cross-site Scripting attack that occurs in the...

WordPress plugin C9 Blocks 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...

WordPress C9 Blocks plugin <= 1.7.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin C9 Blocks versions = 1.7.7...

CVE-2024-13537

The C9 Blocks plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.7.7. This is due the plugin containing a publicly accessible composer-setup.php file with error display enabled. This makes it possible for unauthenticated attackers to retrieve the fu...

CVE-2024-13537

The C9 Blocks plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.7.7. This is due the plugin containing a publicly accessible composer-setup.php file with error display enabled. This makes it possible for unauthenticated attackers to retrieve the fu...

CVE-2024-13537 C9 Blocks <= 1.7.7 - Unauthenticated Full Path Disclosure

The C9 Blocks plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.7.7. This is due the plugin containing a publicly accessible composer-setup.php file with error display enabled. This makes it possible for unauthenticated attackers to retrieve the fu...

CVE-2024-13537 C9 Blocks <= 1.7.7 - Unauthenticated Full Path Disclosure

The C9 Blocks plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.7.7. This is due the plugin containing a publicly accessible composer-setup.php file with error display enabled. This makes it possible for unauthenticated attackers to retrieve the fu...

WordPress plugin C9 Blocks 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress C9 Blocks plugin <= 1.7.7 - Unauthenticated Full Path Disclosure vulnerability

Unauthenticated Full Path Disclosure vulnerability discovered by stealthcopter in WordPress Plugin C9 Blocks versions = 1.7.7...