3 matches found
CVE-2025-5678 Kadence Blocks – Gutenberg Blocks for Page Builder Features <= 3.5.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via `redirectURL` Parameter
The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘redirectURL’ parameter in all versions up to, and including, 3.5.10 due to insufficient input sanitization and output escaping. This makes it possible for...
WordPress Gutenberg Blocks by Kadence Blocks plugin <= 3.5.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via `redirectURL` Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via redirectURL Parameter vulnerability discovered by Asaf Mozes in WordPress Plugin Gutenberg Blocks by Kadence Blocks versions = 3.5.10...
CVE-2025-5678
creationtimestamp| type| source ---|---|--- 2025-03-11 14:33:55+00:00| seen| https://gist.github.com/thecodefreaker/25c6d23462ef4dc919e865f57340022e 2025-10-03 09:26:13+00:00| seen| https://gist.github.com/Darkcrai86/4796e3e2e15b4d763a60bd3b23837c75...