Exploit for Unrestricted Upload of File with Dangerous Type in Greenshiftwp Greenshift_-_Animation_And_Page_Builder_Blocks

Metasploit Module: Greenshift WordPress Plugin Arbitrary File...

CVE-2025-11841

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Chart Data attributes in all versions up to, and including, 12.2.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVE-2023-0378 Greenshift < 5.0 - Contributor+ Stored XSS

The Greenshift WordPress plugin before 5.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

PT-2023-16227 · WordPress · Greenshift

Name of the Vulnerable Software and Affected Versions: Greenshift WordPress plugin versions prior to 5.0 Description: The issue arises from the Greenshift WordPress plugin not validating and escaping some of its block options before outputting them back in a page or post where the block is...