7 matches found
WordPress Post Blocks & Tools plugin <= 1.3.0 - Authenticated (Author+) Stored Cross-Site Scripting via 'sliderStyle' Block Attribute vulnerability
Authenticated Author+ Stored Cross-Site Scripting via 'sliderStyle' Block Attribute vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Magazine Companion versions = 1.3.0...
CVE-2026-5711
The Post Blocks & Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sliderStyle' block attribute in the Posts Slider block in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...
CVE-2026-5711
CVE-2026-5711 affects the Post Blocks & Tools plugin for WordPress, specifically the Posts Slider block. The issue is a Stored Cross‑Site Scripting (XSS) vulnerability in the sliderStyle attribute, caused by insufficient input sanitization and output escaping for user-supplied attributes. It affe...
CVE-2026-5711 Post Blocks & Tools <= 1.3.0 - Authenticated (Author+) Stored Cross-Site Scripting via 'sliderStyle' Block Attribute
The Post Blocks & Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sliderStyle' block attribute in the Posts Slider block in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...
CVE-2026-5711 Post Blocks & Tools <= 1.3.0 - Authenticated (Author+) Stored Cross-Site Scripting via 'sliderStyle' Block Attribute
The Post Blocks & Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sliderStyle' block attribute in the Posts Slider block in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...
PT-2026-31473
The Post Blocks & Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sliderStyle' block attribute in the Posts Slider block in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...
WordPress plugin Post Blocks & Tools 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...