Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2025/10/26 6:36 a.m.7 views

CVE-2025-8588

The Gutenberg Blocks – PublishPress Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Marker Title' and 'Marker Description' parameters for the Maps block in versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping. This makes...

6.4CVSS5AI score0.00211EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/26 12:0 a.m.4 views

WordPress plugin PublishPress Blocks 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site...

6.4CVSS5.7AI score0.00211EPSS
Exploits0References4
OSV
OSV
added 2025/10/25 6:15 a.m.3 views

CVE-2025-8588

The Gutenberg Blocks – PublishPress Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Marker Title' and 'Marker Description' parameters for the Maps block in versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping. This makes...

6.4CVSS5.9AI score0.00211EPSS
Exploits0References3
CVE
CVE
added 2025/10/25 5:31 a.m.16 views

CVE-2025-8588

CVE-2025-8588 affects the Gutenberg-based PublishPress Blocks (Maps block) in WordPress, allowing Stored XSS via Marker Title/Marker Description in versions up to 3.3.4. Exploitation requires authenticated access at contributor level or higher; CVSS v3.1 base score 6.4 (Medium). Wordfence reports...

6.4CVSS4.7AI score0.00211EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/25 5:31 a.m.4 views

EUVD-2025-35910

The Gutenberg Blocks – PublishPress Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Marker Title' and 'Marker Description' parameters for the Maps block in versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping. This makes...

6.4CVSS4.6AI score0.00211EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/10/25 12:0 a.m.5 views

PT-2025-43714

Name of the Vulnerable Software and Affected Versions PublishPress Blocks plugin for WordPress versions up to and including 3.3.4 Description The plugin is susceptible to Stored Cross-Site Scripting due to inadequate input sanitization and output escaping. Specifically, the 'Marker Title' and...

6.4CVSS5.3AI score0.00211EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-24751

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.00417EPSS
Exploits0References1
NVD
NVD
added 2025/08/14 11:15 a.m.4 views

CVE-2025-48332

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PublishPress Gutenberg Blocks advanced-gutenberg allows PHP Local File Inclusion.This issue affects Gutenberg Blocks: from n/a through = 3.3.1...

7.5CVSS0.00417EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/14 10:34 a.m.9 views

CVE-2025-48332 WordPress Gutenberg Blocks <= 3.3.1 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PublishPress Gutenberg Blocks advanced-gutenberg allows PHP Local File Inclusion.This issue affects Gutenberg Blocks: from n/a through = 3.3.1...

7.5CVSS0.00417EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.3 views

PT-2025-33174 · Unknown · Publishpress Gutenberg Blocks

Name of the Vulnerable Software and Affected Versions: PublishPress Gutenberg Blocks versions through 3.3.1 Description: An improper control of filename for include/require statement in PHP, also known as a PHP Remote File Inclusion, exists in PublishPress Gutenberg Blocks. This issue allows for...

7.5CVSS6.6AI score0.00417EPSS
Exploits0References3
Rows per page
Query Builder