WordPress plugin Content Blocks (Custom Post Widget) 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress Trending/Popular Post Slider and Widget plugin <= 1.8.6 - Backdoor vulnerability

Backdoor vulnerability discovered by ? in WordPress Plugin Trending/Popular Post Slider and Widget versions = 1.8.6...

WordPress Content Blocks (Custom Post Widget) plugin <= 3.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via content Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via content Parameter vulnerability discovered by lowol in WordPress Plugin Content Blocks Custom Post Widget versions = 3.3.5...

EUVD-2012-4170

Malware in sbrugna...

EUVD-2024-31352

Malicious code in bioql PyPI...

CVE-2024-34566

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Johan van der Wijk Content Blocks Custom Post Widget allows Stored XSS.This issue affects Content Blocks Custom Post Widget: from n/a through 3.3.0...

CVE-2024-33636

Missing Authorization vulnerability in Mahesh Vora WP Page Post Widget Clone.This issue affects WP Page Post Widget Clone: from n/a through 1.0.1...

CVE-2024-44051

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Johan van der Wijk Content Blocks Custom Post Widget custom-post-widget allows Stored XSS.This issue affects Content Blocks Custom Post Widget: from n/a through = 3.3.5...

CVE-2024-44051

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Johan van der Wijk Content Blocks Custom Post Widget allows Stored XSS.This issue affects Content Blocks Custom Post Widget: from n/a through 3.3.5...

CVE-2024-44051

Content Blocks (Custom Post Widget) for WordPress is affected by CVE-2024-44051: a Stored XSS due to improper neutralization in web page generation. Impact is limited to versions

PT-2024-30919 · Unknown · Content Blocks

Name of the Vulnerable Software and Affected Versions: Content Blocks Custom Post Widget versions 3.3.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...

WordPress Content Blocks (Custom Post Widget) plugin <= 3.3.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by lowol ngo Patchstack Alliance in WordPress Plugin Content Blocks Custom Post Widget versions = 3.3.5...

WordPress Content Blocks (Custom Post Widget) Plugin <= 3.3.5 is vulnerable to Cross Site Scripting (XSS)

Software Content Blocks Custom Post Widget Type Plugin Vulnerable versions = 3.3.5 Fixed in 3.3.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-44051 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b50c32e861c5 Credits lowol ngo Required...

WordPress Content Blocks (Custom Post Widget) Plugin <= 3.3.0 is vulnerable to Local File Inclusion

Software Content Blocks Custom Post Widget Type Plugin Vulnerable versions = 3.3.0 Fixed in 3.3.1 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-3564 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 7062c181fd50 Credits Krzysztof Zając Required...

CVE-2024-34566

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Johan van der Wijk Content Blocks Custom Post Widget allows Stored XSS.This issue affects Content Blocks Custom Post Widget: from n/a through 3.3.0...

CVE-2024-34566

CVE-2024-34566 is a Stored XSS in Content Blocks (Custom Post Widget) for WordPress. The issue arises from improper input neutralization during web page generation. Affected: Content Blocks (Custom Post Widget)

CVE-2024-34566 WordPress Content Blocks (Custom Post Widget) plugin <= 3.3.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Johan van der Wijk Content Blocks Custom Post Widget allows Stored XSS.This issue affects Content Blocks Custom Post Widget: from n/a through 3.3.0...

PT-2024-25981 · Unknown · Content Blocks

Name of the Vulnerable Software and Affected Versions: Content Blocks Custom Post Widget versions 3.3.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks. There is no...

WordPress Content Blocks (Custom Post Widget) plugin <= 3.3.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin Content Blocks Custom Post Widget versions = 3.3.0...

WordPress Content Blocks (Custom Post Widget) Plugin <= 3.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Content Blocks Custom Post Widget Type Plugin Vulnerable versions = 3.3.0 Fixed in 3.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34566 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c437cf336c56 Credits Ngô Thiên An ancorn...