CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in CozyThemes Cozy Blocks cozy-addons allows Code Injection.This issue affects Cozy Blocks: from n/a through = 2.1.29...

5.3CVSS5.9AI score0.00051EPSS

Exploits0References1

NVD•added 2025/09/22 7:16 p.m.•4 views

CVE-2025-59573

5.3CVSS0.00051EPSS

Exploits0References1

Patchstack•added 2025/09/22 6:27 p.m.•4 views

WordPress Cozy Blocks Plugin <= 2.1.29 - Content Injection Vulnerability

Content Injection Vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Cozy Blocks versions = 2.1.29...

5.3CVSS6.9AI score0.00051EPSS

Exploits0Affected Software1

CVE•added 2025/09/22 6:25 p.m.•12 views

CVE-2025-59573

CVE-2025-59573: Cozy Blocks (Cozy Themes) for WordPress vulnerable to unauthenticated arbitrary shortcode execution via improper neutralization of script-related HTML; affected versions up to 2.1.29; patch available in 2.1.29; CVSS 3.1 Base 5.3 (Medium).

5.3CVSS5.9AI score0.00051EPSS

Exploits0References1

Positive Technologies•added 2025/09/22 12:0 a.m.•3 views

PT-2025-39047

Name of the Vulnerable Software and Affected Versions CozyThemes Cozy Blocks versions through 2.1.29 Description A flaw exists in CozyThemes Cozy Blocks that allows for code injection due to improper neutralization of script-related HTML tags on a web page. This is a Basic Cross-Site Scripting XS...

5.3CVSS6AI score0.00051EPSS

Exploits0References3

CNNVD•added 2025/09/22 12:0 a.m.•2 views

WordPress plugin Cozy Blocks 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS6.7AI score0.00051EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:57 a.m.•5 views

CVE-2024-47355

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CozyThemes Cozy Blocks cozy-addons allows Stored XSS.This issue affects Cozy Blocks: from n/a through = 2.0.11...

6.5CVSS5.9AI score0.00156EPSS

Exploits0References1

RedhatCVE•added 2025/05/09 3:26 p.m.•9 views

CVE-2025-47485

Missing Authorization vulnerability in CozyThemes Cozy Blocks cozy-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cozy Blocks: from n/a through = 2.1.22...

5.3CVSS7.2AI score0.0023EPSS

Exploits0References1

Cvelist•added 2025/05/07 2:19 p.m.•21 views

CVE-2025-47485 WordPress Cozy Blocks plugin <= 2.1.22 - Broken Access Control Vulnerability

5.3CVSS0.0023EPSS

Exploits0References1

Patchstack•added 2025/05/07 12:31 p.m.•10 views

WordPress Cozy Blocks plugin <= 2.1.22 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Marek Mikita in WordPress Plugin Cozy Blocks versions = 2.1.22...

5.3CVSS8.2AI score0.0023EPSS

Exploits0Affected Software1

Positive Technologies•added 2025/05/07 12:0 a.m.•3 views

PT-2025-20112 · Unknown · Cozy Blocks

Name of the Vulnerable Software and Affected Versions: Cozy Blocks versions through 2.1.22 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions through 2.1.22, updat...

5.3CVSS6.1AI score0.0023EPSS

Exploits0References3

CNNVD•added 2025/05/07 12:0 a.m.•1 views

WordPress plugin Cozy Blocks 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.3AI score0.0023EPSS

Exploits0References1

RedhatCVE•added 2025/03/29 12:15 p.m.•11 views

CVE-2025-30838

6.5CVSS7.2AI score0.00174EPSS

Exploits0References1

CVE•added 2025/03/27 10:55 a.m.•46 views

CVE-2025-30838

CVE-2025-30838 reports a Stored XSS in Cozy Blocks (Cozy Blocks) for WordPress. Affected: Cozy Blocks — from n/a through 2.1.6. Root cause: Improper Neutralization of Input During Web Page Generation (XSS). Impact: stored cross-site scripting via input handled by Cozy Blocks blocks; exploitation ...

6.5CVSS7.2AI score0.00174EPSS

Exploits0References1