9 matches found
CVE-2025-5940
The Osom Blocks – Custom Post Type listing block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘classname’ parameter in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-5940
The Osom Blocks – Custom Post Type listing block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘classname’ parameter in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-5940
The Osom Blocks – Custom Post Type listing block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘classname’ parameter in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-5940 Osom Blocks <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via class_name Parameter
The Osom Blocks – Custom Post Type listing block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘classname’ parameter in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-5940 Osom Blocks <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via class_name Parameter
The Osom Blocks – Custom Post Type listing block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘classname’ parameter in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-5940
CVE-2025-5940 Osom Blocks for WordPress is affected by a Stored Cross-Site Scripting via the class_name parameter in all versions up to 1.2.1. Exploitation requires authenticated access at Contributor level or higher , and triggers script execution when a page is loaded. The vulnerability is conf...
WordPress plugin Osom Blocks 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...
PT-2025-27066 · WordPress · Osom Blocks
Name of the Vulnerable Software and Affected Versions: Osom Blocks – Custom Post Type listing block plugin for WordPress versions up to, and including, 1.2.1 Description: The issue is related to Stored Cross-Site Scripting via the class name parameter due to insufficient input sanitization and...
WordPress Osom Blocks plugin <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via class_name Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via classname Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Osom Blocks versions = 1.2.1...