98 matches found
WordPress Greenshift plugin <= 12.8.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via disablelazy Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via disablelazy Attribute vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Greenshift versions = 12.8.9...
CVE-2026-4895
The GreenShift - Animation and Page Builder Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 12.8.9 This is due to insufficient input sanitization and output escaping in the gspbgreenShiftblockscriptassets function. The function uses...
CVE-2026-4895
The CVE-2026-4895 entry concerns the GreenShift - Animation and Page Builder Blocks WordPress plugin. A stored XSS exists in versions up to 12.8.9 due to insufficient input sanitization and output escaping in the gspb_greenShift_block_script_assets() function. The code uses str_replace() to inser...
WordPress plugin GreenShift - Animation and Page Builder Blocks 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress plugin Greenshift - animation and page builder blocks information disclosure vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Greenshift - animation a...
CVE-2026-2371
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 12.8.3. This is due to missing authorization and post status validation in the gspbelreusableload AJAX handler. The handler accepts an...
CVE-2026-2589
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 12.8.3 via the automated Settings Backup stored in a publicly accessible file. This makes it possible for unauthenticated attackers to...
EUVD-2026-10091
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 12.8.3. This is due to missing authorization and post status validation in the gspbelreusableload AJAX handler. The handler accepts an...
WordPress Greenshift plugin <= 12.8.3 - Missing Authorization to Unauthenticated Private Reusable Block Disclosure via 'gspb_el_reusable_load' vulnerability
Missing Authorization to Unauthenticated Private Reusable Block Disclosure via 'gspbelreusableload' vulnerability discovered by Lucas Montes NiRoX in WordPress Plugin Greenshift versions = 12.8.3...
WordPress plugin Greenshift – animation and page builder blocks 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-2371 Greenshift <= 12.8.3 - Missing Authorization to Unauthenticated Private Reusable Block Disclosure via 'gspb_el_reusable_load'
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 12.8.3. This is due to missing authorization and post status validation in the gspbelreusableload AJAX handler. The handler accepts an...
CVE-2026-2371 Greenshift <= 12.8.3 - Missing Authorization to Unauthenticated Private Reusable Block Disclosure via 'gspb_el_reusable_load'
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 12.8.3. This is due to missing authorization and post status validation in the gspbelreusableload AJAX handler. The handler accepts an...
EUVD-2026-9887
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the gspbpostcss post meta value and the dynamicAttributes block attribute in all versions up to, and including, 12.8.5 due to insufficient input sanitization and output escapin...
CVE-2026-2589
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 12.8.3 via the automated Settings Backup stored in a publicly accessible file. This makes it possible for unauthenticated attackers to...
PT-2026-23762
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 12.8.3. This is due to missing authorization and post status validation in the gspb el reusable load AJAX handler. The handler accepts an...
CVE-2026-2589
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 12.8.3 via the automated Settings Backup stored in a publicly accessible file. This makes it possible for unauthenticated attackers to...
CVE-2026-2589 Greenshift – animation and page builder blocks <= 12.8.3 - Unauthenticated Sensitive Information Exposure via Settings Backup
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 12.8.3 via the automated Settings Backup stored in a publicly accessible file. This makes it possible for unauthenticated attackers to...
CVE-2026-2589 Greenshift – animation and page builder blocks <= 12.8.3 - Unauthenticated Sensitive Information Exposure via Settings Backup
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 12.8.3 via the automated Settings Backup stored in a publicly accessible file. This makes it possible for unauthenticated attackers to...
CVE-2026-2589
The Greenshift WordPress plugin (animation and page builder blocks) is vulnerable to Sensitive Information Exposure in all versions up to 12.8.3 via an automated Settings Backup stored in a publicly accessible file. This allows unauthenticated attackers to extract configured API keys (OpenAI, Cla...
WordPress Greenshift - animation and page builder blocks plugin <= 12.8.3 - Unauthenticated Sensitive Information Exposure via Settings Backup vulnerability
WordPress Greenshift - animation and page builder blocks plugin = 12.8.3 - Unauthenticated Sensitive Information Exposure via Settings Backup vulnerability discovered by Quốc Huy jtwings - Puramu in WordPress Plugin Greenshift versions = 12.8.3...