CVE-2026-2028

The MaxiBlocks Builder plugin for WordPress is vulnerable to arbitrary media file deletion due to insufficient file ownership validation on the 'maxiremovecustomimagesize' AJAX action in all versions up to, and including, 2.1.8. This makes it possible for authenticated attackers, with Author-leve...

WordPress MaxiBlocks Builder | 17,000+ Design Assets, Patterns, Icons & Starter Sites plugin <= 2.1.9 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin MaxiBlocks versions = 2.1.9...

CVE-2026-2028

The MaxiBlocks Builder plugin for WordPress is vulnerable to arbitrary media file deletion due to insufficient file ownership validation on the 'maxiremovecustomimagesize' AJAX action in all versions up to, and including, 2.1.8. This makes it possible for authenticated attackers, with Author-leve...

EUVD-2026-25372

The MaxiBlocks Builder plugin for WordPress is vulnerable to arbitrary media file deletion due to insufficient file ownership validation on the 'maxiremovecustomimagesize' AJAX action in all versions up to, and including, 2.1.8. This makes it possible for authenticated attackers, with Author-leve...

CVE-2026-2028

The MaxiBlocks Builder plugin for WordPress is vulnerable to arbitrary media file deletion due to insufficient file ownership validation on the 'maxiremovecustomimagesize' AJAX action in all versions up to, and including, 2.1.8. This makes it possible for authenticated attackers, with Author-leve...

PT-2026-34842

The MaxiBlocks Builder plugin for WordPress is vulnerable to arbitrary media file deletion due to insufficient file ownership validation on the 'maxi remove custom image size' AJAX action in all versions up to, and including, 2.1.8. This makes it possible for authenticated attackers, with...

WordPress plugin MaxiBlocks Builder 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress MaxiBlocks Builder plugin <= 2.1.8 - Missing Authorization to Authenticated (Author+) Media File Deletion vulnerability

Missing Authorization to Authenticated Author+ Media File Deletion vulnerability discovered by Teerachai Somprasong in WordPress Plugin MaxiBlocks versions = 2.1.8...

EUVD-2025-17369

Malicious code in bioql PyPI...

EUVD-2024-47875

Malicious code in bioql PyPI...

EUVD-2025-30505

Malicious code in bioql PyPI...

CVE-2025-58968

Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks maxi-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MaxiBlocks: from n/a through = 2.1.3...

CVE-2025-58968

Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks maxi-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MaxiBlocks: from n/a through = 2.1.3...

WordPress MaxiBlocks Plugin <= 2.1.3 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Abu Hurayra in WordPress Plugin MaxiBlocks versions = 2.1.3...

CVE-2025-58968 WordPress MaxiBlocks Plugin <= 2.1.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks maxi-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MaxiBlocks: from n/a through = 2.1.3...

CVE-2025-58968

CVE-2025-58968 is a Missing Authorization issue in MaxiBlocks (WordPress plugin) affecting MaxiBlocks: 2.1.3 and earlier. Connected document confirms the affected product and version, and notes the issue as Missing Authorization. Public details in the connected Wordfence entry indicate the vulner...

CVE-2025-58968 WordPress MaxiBlocks Plugin <= 2.1.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MaxiBlocks: from n/a through 2.1.3...

WordPress plugin MaxiBlocks 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-39028

Name of the Vulnerable Software and Affected Versions MaxiBlocks versions through 2.1.3 Description A missing authorization issue exists in Christiaan Pieterse MaxiBlocks, allowing exploitation of incorrectly configured access control security levels. Recommendations Update MaxiBlocks to a versio...

CVE-2025-47601

Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks maxi-blocks allows Privilege Escalation.This issue affects MaxiBlocks: from n/a through = 2.1.0...