Lucene search
K

717 matches found

Nuclei
Nuclei
added yesterday18 views

Post Grid <= 2.2.50 - Information Exposure via REST API

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid Combo – 36+ Gutenberg Blocks.This issue affects Post Grid Combo – 36+ Gutenberg Blocks: from n/a through 2.2.50. id: CVE-2023-40211 info: name: Post Grid = 2.2.50 - Information Exposure via REST API...

7.5CVSS7AI score0.02041EPSS
Exploits0References3
NVD
NVD
added 2 days ago7 views

CVE-2026-15286

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to unauthorized post publication in all versions up to, and including, 3.5.32 due to a misconfigured capability check on the 'getitemspermissioncheck' function permission callback of the...

4.3CVSS0.00268EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2 days ago5 views

CVE-2026-15286

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to unauthorized post publication in all versions up to, and including, 3.5.32 due to a misconfigured capability check on the 'getitemspermissioncheck' function permission callback of the...

4.3CVSS5.9AI score0.00268EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-42795

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to unauthorized post publication in all versions up to, and including, 3.5.32 due to a misconfigured capability check on the 'getitemspermissioncheck' function permission callback of the...

4.3CVSS5.9AI score0.00268EPSS
Exploits0References4
Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-15286 Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.5.32 - Incorrect Authorization to Authenticated (Contributor+) Post Publication

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to unauthorized post publication in all versions up to, and including, 3.5.32 due to a misconfigured capability check on the 'getitemspermissioncheck' function permission callback of the...

4.3CVSS0.00268EPSS
Exploits0References4
NVD
NVD
added 4 days ago7 views

CVE-2026-6740

The Nexter Blocks – Gutenberg Blocks, Page Builder & AI Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'commentIcon' parameter in all versions up to, and including, 4.7.4 due to insufficient input sanitization and output escaping. This makes it possible...

6.4CVSS0.00156EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 4:17 a.m.6 views

CVE-2026-10833

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'configurablePrefix' Block Attribute in all versions up to, and including, 6.1.4 due to insufficient input sanitization and output escaping. This...

6.4CVSS0.00193EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 3:42 a.m.14 views

CVE-2026-10833

The vulnerability concerns the Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress. All versions up to 6.1.4 are affected by a Stored Cross-Site Scripting via the configurablePrefix Block Attribute, caused by insufficient input sanitization and output es...

6.4CVSS6AI score0.00193EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/06/24 2:50 p.m.6 views

WordPress Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin <= 6.1.4 - Page Builder for Gutenberg Blocks & Patterns <= 6.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Page Builder for Gutenberg Blocks & Patterns plugin = 6.1.4 - Page Builder for Gutenberg Blocks & Patterns = 6.1.4 - Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Viet Anh Ngo in WordPress Plugin Essential Blocks for Gutenberg versions = 6.1.4...

6.4CVSS5.8AI score0.00193EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/17 4:14 p.m.7 views

WordPress Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin <= 3.7.5 - Authenticated (Contributor+) Sensitive Information Exposure vulnerability

Authenticated Contributor+ Sensitive Information Exposure vulnerability discovered by se1en in WordPress Plugin Gutenberg Blocks by Kadence Blocks versions = 3.7.5...

4.3CVSS5.3AI score0.00243EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/17 2:17 p.m.11 views

CVE-2026-54808

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Travel WP Travel Gutenberg Blocks allows Blind SQL Injection. This issue affects WP Travel Gutenberg Blocks: from n/a through 3.9.4...

9.3CVSS0.00317EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 1:51 p.m.12 views

EUVD-2026-37713

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Travel WP Travel Gutenberg Blocks allows Blind SQL Injection. This issue affects WP Travel Gutenberg Blocks: from n/a through 3.9.4...

9.3CVSS5.6AI score0.00317EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/06 12:43 a.m.10 views

CVE-2026-10586

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.1.3 via the saveaigeneratedimage function. This makes it possible for authenticated attackers, with Author-level...

7.2CVSS5.6AI score0.00213EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/05 12:31 a.m.12 views

EUVD-2026-34771

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.1.3 via the saveaigeneratedimage function. This makes it possible for authenticated attackers, with Author-level...

7.2CVSS5.9AI score0.00213EPSS
Exploits0References3
NVD
NVD
added 2026/06/05 12:16 a.m.8 views

CVE-2026-10586

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.1.3 via the saveaigeneratedimage function. This makes it possible for authenticated attackers, with Author-level...

7.2CVSS0.00213EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/04 11:28 p.m.10 views

CVE-2026-10586

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.1.3 via the saveaigeneratedimage function. This makes it possible for authenticated attackers, with Author-level...

7.2CVSS5.9AI score0.00213EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.19 views

PT-2026-46763

Name of the Vulnerable Software and Affected Versions Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns versions prior to 6.1.4 Description The plugin is susceptible to Server-Side Request Forgery SSRF, a flaw where an attacker can induce the server-side application to mak...

7.2CVSS5.4AI score0.00213EPSS
Exploits0References6
Patchstack
Patchstack
added 2026/06/02 8:26 a.m.20 views

WordPress Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin <= 2.19.25 - Authenticated (Contributor+) Remote Code Execution vulnerability

Authenticated Contributor+ Remote Code Execution vulnerability discovered by kai63001 in WordPress Plugin Spectra versions = 2.19.25...

8.8CVSS5.8AI score0.01174EPSS
Exploits3References1Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2026/06/02 12:0 a.m.63 views

VulnCheck KEV: CVE-2026-7465

The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.19.25. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server...

8.8CVSS6.1AI score0.01174EPSS
In wildExploits3References2
RedhatCVE
RedhatCVE
added 2026/06/01 4:3 p.m.12 views

CVE-2026-7465

The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.19.25. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server...

8.8CVSS6.1AI score0.01174EPSS
Exploits3References1
Rows per page
Query Builder