CVE-2024-54287

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Best WP Developer Advanced Blog Post Block advanced-blog-post-block allows Stored XSS.This issue affects Advanced Blog Post Block: from n/a through = 1.0.4...

CVE-2024-54287

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Best WP Developer Advanced Blog Post Block advanced-blog-post-block allows Stored XSS.This issue affects Advanced Blog Post Block: from n/a through = 1.0.4...

CVE-2024-54287

CVE-2024-54287 describes an Authenticated Stored Cross‑Site Scripting (XSS) in the WordPress plugin Advanced Blog Post Block (block named “Advanced Blog Post Block”). Affected are versions up to and including 1.0.4 (listed as affected “from n/a through 1.0.4”). Exact root cause details are not pr...

CVE-2024-54287 WordPress Advanced Blog Post Block plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Best WP Developer Advanced Blog Post Block advanced-blog-post-block allows Stored XSS.This issue affects Advanced Blog Post Block: from n/a through = 1.0.4...

WordPress plugin Advanced Blog Post Block 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

WordPress Advanced Blog Post Block plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin Advanced Blog Post Block versions = 1.0.4...

WordPress FancyPost Plugin <= 5.3.1 is vulnerable to Cross Site Scripting (XSS)

Software FancyPost Type Plugin Vulnerable versions = 5.3.1 Fixed in 5.3.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-38686 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 64272ac7505f Credits 4rCanJ0x! Required privilege Author Publishe...

CVE-2024-0908

The Advanced Post Block – Display Posts, Pages, or Custom Posts on Your Page plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the apbPosts function hooked via an AJAX action in all versions up to, and including, 1.13.4. This makes it possible...

WordPress plugin Advanced Post Block 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-15912 · WordPress · The Advanced Post Block – Display Posts

Name of the Vulnerable Software and Affected Versions: The Advanced Post Block – Display Posts, Pages, or Custom Posts on Your Page plugin for WordPress versions up to, and including, 1.13.1 Description: The issue is related to unauthorized access of data due to a missing capability check on the...

WordPress Advanced Post Block – Display Posts, Pages, or Custom Posts on Your Page plugin <= 1.13.4 - Missing Authorization to Information Disclosure vulnerability

Missing Authorization to Information Disclosure vulnerability discovered by Krzysztof Zając in WordPress Plugin Advanced Post Block - Post Grid for WordPress block editor versions = 1.13.4...

Stackable < 3.12.12 - Contributor+ Stored XSS via Posts Block

Description The plugin is vulnerable to Stored Cross-Site Scripting via the Postv2 block title tag due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject...

WordPress WP Post Block Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software WP Post Block Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2abff47d3ce8 Credits Rafie Muhammad Patchstack Required...

WordPress WP Post Block plugin <= 1.0.2 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress WP Post Block plugin versions = 1.0.2. Solution No patched version available...

WordPress WP Post Block plugin <= 1.0.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WP Post Block plugin versions = 1.0.2. Solution No patched version available...