19 matches found
CVE-2026-1228
The Timeline Block – Beautiful Timeline Builder for WordPress Vertical & Horizontal Timelines plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.3 via the tlgbshortcode function due to missing validation on a user controlled key. This...
CVE-2026-1228
The Timeline Block – Beautiful Timeline Builder for WordPress Vertical & Horizontal Timelines plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.3 via the tlgbshortcode function due to missing validation on a user controlled key. This...
CVE-2026-1228 Timeline Block <= 1.3.3 - Insecure Direct Object Reference to Authenticated (Author+) Private Timeline Exposure via Shortcode Attribute
The Timeline Block – Beautiful Timeline Builder for WordPress Vertical & Horizontal Timelines plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.3 via the tlgbshortcode function due to missing validation on a user controlled key. This...
CVE-2026-1228
The Timeline Block – Beautiful Timeline Builder for WordPress Vertical & Horizontal Timelines plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.3 via the tlgbshortcode function due to missing validation on a user controlled key. This...
CVE-2026-1228 Timeline Block <= 1.3.3 - Insecure Direct Object Reference to Authenticated (Author+) Private Timeline Exposure via Shortcode Attribute
The Timeline Block – Beautiful Timeline Builder for WordPress Vertical & Horizontal Timelines plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.3 via the tlgbshortcode function due to missing validation on a user controlled key. This...
EUVD-2026-5609
The Timeline Block – Beautiful Timeline Builder for WordPress Vertical & Horizontal Timelines plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.3 via the tlgbshortcode function due to missing validation on a user controlled key. This...
CVE-2026-1228
The CVE-2026-1228 entry concerns the Timeline Block – Beautiful Timeline Builder for WordPress plugin for WordPress, affected up to version 1.3.3. The vulnerability is an Insecure Direct Object Reference in the tlgb_shortcode() function caused by missing validation of a user-controlled key, allow...
WordPress Timeline Block plugin <= 1.3.3 - Insecure Direct Object Reference to Authenticated (Author+) Private Timeline Exposure via Shortcode Attribute vulnerability
Insecure Direct Object Reference to Authenticated Author+ Private Timeline Exposure via Shortcode Attribute vulnerability discovered by Kazuma Matsumoto - GMO Cybersecurity by IERAE, Inc. in WordPress Plugin Timeline Block versions = 1.3.3...
PT-2026-6667
Name of the Vulnerable Software and Affected Versions The Timeline Block – Beautiful Timeline Builder for WordPress versions up to and including 1.3.3 Description The software is susceptible to an Insecure Direct Object Reference issue. This is due to a lack of validation on a user-controlled key...
WordPress plugin Timeline Block 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
EUVD-2025-4878
Malicious code in bioql PyPI...
CVE-2025-26754
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Timeline Block timeline-block-block allows Stored XSS.This issue affects Timeline Block: from n/a through = 1.1.1...
CVE-2025-26754
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Timeline Block timeline-block-block allows Stored XSS.This issue affects Timeline Block: from n/a through = 1.1.1...
CVE-2025-26754
CVE-2025-26754 affects the WordPress Timeline Block plugin (versions n/a through 1.1.1). It is a Stored XSS due to improper input neutralization during web page generation. Affected software: Timeline Block – Timeline Block Plugin for WordPress. Impact: stored script execution in a victim’s brows...
CVE-2025-26754 WordPress Timeline Block plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Timeline Block timeline-block-block allows Stored XSS.This issue affects Timeline Block: from n/a through = 1.1.1...
CVE-2025-26754 WordPress Timeline Block plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Timeline Block timeline-block-block allows Stored XSS.This issue affects Timeline Block: from n/a through = 1.1.1...
PT-2025-7221 · Unknown · Bplugins Timeline Block
Name of the Vulnerable Software and Affected Versions: bPlugins Timeline Block versions n/a through 1.1.1 Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can...
WordPress plugin Timeline Block 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
WordPress Timeline Block plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Logan Cote Patchstack Alliance in WordPress Plugin Timeline Block versions = 1.1.1...