22 matches found
CVE-2026-2371
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 12.8.3. This is due to missing authorization and post status validation in the gspbelreusableload AJAX handler. The handler accepts an...
CVE-2026-2371
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 12.8.3. This is due to missing authorization and post status validation in the gspbelreusableload AJAX handler. The handler accepts an...
WordPress Greenshift plugin <= 12.8.3 - Missing Authorization to Unauthenticated Private Reusable Block Disclosure via 'gspb_el_reusable_load' vulnerability
Missing Authorization to Unauthenticated Private Reusable Block Disclosure via 'gspbelreusableload' vulnerability discovered by Lucas Montes NiRoX in WordPress Plugin Greenshift versions = 12.8.3...
WordPress plugin Greenshift – animation and page builder blocks 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-2371 Greenshift <= 12.8.3 - Missing Authorization to Unauthenticated Private Reusable Block Disclosure via 'gspb_el_reusable_load'
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 12.8.3. This is due to missing authorization and post status validation in the gspbelreusableload AJAX handler. The handler accepts an...
CVE-2026-2371 Greenshift <= 12.8.3 - Missing Authorization to Unauthenticated Private Reusable Block Disclosure via 'gspb_el_reusable_load'
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 12.8.3. This is due to missing authorization and post status validation in the gspbelreusableload AJAX handler. The handler accepts an...
CVE-2026-2371
Summary (CVE-2026-2371) The Greenshift – animation and page builder blocks WordPress plugin versions up to and including 12.8.3 are vulnerable to an insecure direct object reference in the gspb_el_reusable_load AJAX handler. The handler accepts an arbitrary post_id and renders the content of any ...
CVE-2026-2371
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 12.8.3. This is due to missing authorization and post status validation in the gspbelreusableload AJAX handler. The handler accepts an...
PT-2026-23762
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 12.8.3. This is due to missing authorization and post status validation in the gspb el reusable load AJAX handler. The handler accepts an...
EUVD-2023-31347
Malicious code in bioql PyPI...
CVE-2023-27611
Cross-Site Request Forgery CSRF vulnerability in audrasjb Reusable Blocks Extended plugin = 0.9 versions...
CVE-2023-27611
Cross-Site Request Forgery CSRF vulnerability in audrasjb Reusable Blocks Extended plugin = 0.9 versions...
CVE-2023-27611
Cross-Site Request Forgery CSRF vulnerability in audrasjb Reusable Blocks Extended plugin = 0.9 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in audrasjb Reusable Blocks Extended plugin = 0.9 versions...
CVE-2023-27611
CVE-2023-27611 is a CSRF vulnerability in the audrasjb Reusable Blocks Extended plugin (versions
CVE-2023-27611 WordPress Reusable Blocks Extended Plugin <= 0.9 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in audrasjb Reusable Blocks Extended plugin = 0.9 versions...
CVE-2023-27611 WordPress Reusable Blocks Extended Plugin <= 0.9 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in audrasjb Reusable Blocks Extended plugin = 0.9 versions...
WordPress Plugin Reusable Blocks Extended Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
PT-2023-21249 · WordPress · Audrasjb Reusable Blocks Extended
Name of the Vulnerable Software and Affected Versions: audrasjb Reusable Blocks Extended plugin versions 0.9 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...
WordPress Reusable Blocks Extended Plugin <= 0.9 is vulnerable to Cross Site Request Forgery (CSRF)
Software Reusable Blocks Extended Type Plugin Vulnerable versions = 0.9 Fixed in 0.9.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-27611 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID b5d0490a0c0b Credits Rio Darmawan...