WordPress Kadence Blocks Pro Plugin < 2.3.8 is vulnerable to Broken Access Control

Software Kadence Blocks Pro Type Plugin Vulnerable versions 2.3.8 Fixed in 2.3.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-1330 Patch priority Low CVSS severity Low 4.3 Developer KadenceWP PSID 0488c91e76be Credits Scott Kingsley Clark Required...

WordPress Gutenberg Blocks by Kadence Blocks Plugin <= 3.2.37 is vulnerable to Cross Site Scripting (XSS)

Software Gutenberg Blocks by Kadence Blocks Type Plugin Vulnerable versions = 3.2.37 Fixed in 3.2.38 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3189 Patch priority Low CVSS severity Low 6.5 Developer KadenceWP PSID a8aacbbab299 Credits...

WordPress Gutenberg Blocks by Kadence Blocks Plugin <= 3.2.19 is vulnerable to Server Side Request Forgery (SSRF)

Software Gutenberg Blocks by Kadence Blocks Type Plugin Vulnerable versions = 3.2.19 Fixed in 3.2.20 OWASP Top 10 A10: Server-Side Request Forgery SSRF Classification Server Side Request Forgery SSRF CVE CVE-2024-23500 Patch priority Low CVSS severity Low 7.7 Developer KadenceWP PSID 12733422b1ab...

WordPress Gutenberg Blocks by Kadence Blocks Plugin <= 3.2.23 is vulnerable to Cross Site Scripting (XSS)

Software Gutenberg Blocks by Kadence Blocks Type Plugin Vulnerable versions = 3.2.23 Fixed in 3.2.24 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1541 Patch priority Low CVSS severity Low 6.5 Developer KadenceWP PSID a52c24e03dfe Credits wesley...

WordPress Gutenberg Blocks by Kadence Blocks Plugin <= 3.1.10 is vulnerable to Arbitrary File Upload

Software Gutenberg Blocks by Kadence Blocks Type Plugin Vulnerable versions = 3.1.10 Fixed in 3.1.11 OWASP Top 10 A4: Insecure Design Classification Arbitrary File Upload CVE N/A Patch priority High CVSS severity High 10 Developer KadenceWP PSID b7b3e1fb316f Credits N/A Required privilege...