4 matches found
CVE-2025-26937
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Icon List Block icon-list-block allows Stored XSS.This issue affects Icon List Block: from n/a through = 1.1.3...
CVE-2025-26937 WordPress Icon List Block plugin <= 1.1.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Icon List Block icon-list-block allows Stored XSS.This issue affects Icon List Block: from n/a through = 1.1.3...
CVE-2025-26937 WordPress Icon List Block plugin <= 1.1.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Icon List Block icon-list-block allows Stored XSS.This issue affects Icon List Block: from n/a through = 1.1.3...
CVE-2025-26937
CVE-2025-26937 is an authenticated stored XSS in the WordPress plugin block Icon List Block . The issue arises from improper input neutralization during web page generation, enabling stored XSS when rendering the Icon List Block. Affected versions range up to 1.1.3 ; Wordfence notes this vulnerab...