WordPress bBlocks – Essential Gutenberg Blocks & Patterns Collection plugin <= 1.9.8 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin B Blocks versions = 1.9.8...

CVE-2026-32489 WordPress B Blocks plugin < 2.0.30 - Broken Access Control vulnerability

Missing Authorization vulnerability in bPlugins B Blocks b-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects B Blocks: from n/a through 2.0.30...

CVE-2025-8059

The CVE refers to the WordPress B Blocks plugin (versions up to 2.0.6) with a privilege-escalation flaw caused by missing authorization and input validation in the rgfr_registration() function. This allows unauthenticated attackers to create a new account and grant it the administrator role. Publ...

WordPress B Blocks plugin <= 2.0.0 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by Logan Cote in WordPress Plugin B Blocks versions = 2.0.0...

WordPress plugin B Blocks - The ultimate block collection 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin B Blocks - The ultimate block...

WordPress B Blocks - The ultimate block collection Plugin < 1.7.8 is vulnerable to Cross Site Scripting (XSS)

Software B Blocks - The ultimate block collection Type Plugin Vulnerable versions 1.7.8 Fixed in 1.7.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7a29938020aa Credits Rafie...