CVE-2024-13803

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-marker’ parameter in all versions up to, and including, 5.2.3 due to insufficient input sanitization and output escaping. This makes it possib...

CVE-2024-13803

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-marker’ parameter in all versions up to, and including, 5.2.3 due to insufficient input sanitization and output escaping. This makes it possib...

PT-2025-8684 · WordPress · The Essential Blocks – Page Builder Gutenberg Blocks

Name of the Vulnerable Software and Affected Versions: The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress versions up to, and including, 5.2.3 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and...

Interactive Map with Marker SQL Injection Vulnerability

Interactive is a software application. net Interactive takes. net power and embeds it into your interactive experience. A SQL injection vulnerability exists in Interactive Map with Marker version 1.0, which stems from an incorrect manipulation of the parameter mark can result in sql injection...

ecobee: Open API - AWS S3 GET Bucket (List Objects) Version 1

Summary: AWS S3 GET Bucket List Objects Version 1 API accesible Steps To Reproduce: navigate to: https://www.ecobee.com/wp-content/uploads/ Observe that you get a listbucketresponse https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGET.htmlRESTBucketGET-requests The truncated param is set...