27 matches found
CVE-2023-49833
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brainstorm Force Spectra – WordPress Gutenberg Blocks allows Stored XSS. This issue affects Spectra – WordPress Gutenberg Blocks: from n/a through 2.7.9...
EUVD-2023-53741
Malicious code in bioql PyPI...
CVE-2025-48332 WordPress Gutenberg Blocks <= 3.3.1 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PublishPress Gutenberg Blocks advanced-gutenberg allows PHP Local File Inclusion. This issue affects Gutenberg Blocks: from n/a through <= 3.3.1...
WordPress Gutenberg Blocks <= 3.3.1 - Local File Inclusion Vulnerability
Local File Inclusion Vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Gutenberg Blocks versions <= 3.3.1...
CVE-2024-1814
The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Testimonial block in all versions up to, and including, 2.12.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
CVE-2024-54272
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RadiusTheme Radius Blocks radius-blocks allows Stored XSS. This issue affects Radius Blocks: from n/a through <= 2.1.2...
CVE-2024-54272
CVE-2024-54272 (Radius Blocks – WordPress Gutenberg Blocks) stores input without proper neutralization, enabling Stored XSS in Radius Blocks—WordPress Gutenberg Blocks (affected: up to 2.1.2). Red Hat and Wordfence sources confirm the issue; patch status is Patch, with mitigation by updating to a...
CVE-2024-10484
The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Team' widget in all versions up to, and including, 2.16.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-10484 Spectra – WordPress Gutenberg Blocks <= 2.16.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Widget
The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Team' widget in all versions up to, and including, 2.16.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-10484
CVE-2024-10484: Spectra – WordPress Gutenberg Blocks plugin (≤2.16.2) is vulnerable to Stored XSS via the Team widget due to insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires authentication (contributor level or higher) and can cause arbitrary ...
WordPress Gutenberg Blocks – Unlimited blocks For Gutenberg Plugin <= 1.2.7 is vulnerable to Cross Site Scripting (XSS)
Software: Gutenberg Blocks – Unlimited blocks For Gutenberg; Type: Plugin; Vulnerable versions: <= 1.2.7; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-44049; Patch priority: Low; CVSS severity: Low 6.5; PSID: 3478300c8758; Credits...
CVE-2024-43335
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CyberChimps Responsive Blocks – WordPress Gutenberg Blocks allows Stored XSS. This issue affects Responsive Blocks – WordPress Gutenberg Blocks: from n/a through 1.8.8...
CVE-2024-4366
The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘blockid’ parameter in versions up to, and including, 2.13.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress plugin Spectra – WordPress Gutenberg Blocks security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin Spectra - ...
CVE-2024-1815
The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Gallery block in all versions up to, and including, 2.12.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...
CVE-2024-1814
CVE-2024-1814 affects Spectra – WordPress Gutenberg Blocks plugin for WordPress. It is a Stored XSS in the Testimonial block across all versions up to 2.12.8, caused by insufficient input sanitization and output escaping of user-provided attributes. Authenticated attackers with contributor-level ...
CVE-2024-1815
The CVE concerns Spectra – WordPress Gutenberg Blocks (Spectra plugin) with Stored Cross-Site Scripting via the Image Gallery block. The issue affects all versions up to and including 2.12.8 and arises from insufficient input sanitization and output escaping on user-supplied attributes, enabling ...
CVE-2024-1815 Spectra – WordPress Gutenberg Blocks <= 2.12.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Gallery Block
The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Gallery block in all versions up to, and including, 2.12.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...