WordPress Ultimate Blocks plugin <= 3.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via content Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via content Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Ultimate Blocks versions = 3.2.7...

WordPress Ultimate Blocks plugin <= 3.3.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by zaim in WordPress Plugin Ultimate Blocks versions = 3.3.6...

CVE-2025-47493 WordPress Ultimate Blocks <= 3.2.9 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ultimate Blocks Ultimate Blocks allows DOM-Based XSS. This issue affects Ultimate Blocks: from n/a through 3.2.9...

CVE-2025-31077

CVE-2025-31077 is a stored XSS in Ultimate Blocks (WordPress Blocks Plugin) affecting versions up to 3.2.7. The Wordfence vulnerability listing notes authenticated access (Contributor+) as the prerequisite and that a patch exists; upgrade to version 3.2.7+ to remediate.

WordPress Ultimate Blocks plugin < 3.2.2 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Ultimate Blocks versions 3.2.2...

WordPress Ultimate Blocks – Gutenberg Blocks Plugin Plugin < 3.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Blocks – Gutenberg Blocks Plugin Type Plugin Vulnerable versions 3.2.2 Fixed in 3.2.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8536 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8aef462831eb Credits...

WordPress Ultimate Blocks – Gutenberg Blocks Plugin Plugin < 3.1.9 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Blocks – Gutenberg Blocks Plugin Type Plugin Vulnerable versions 3.1.9 Fixed in 3.1.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4655 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID cde0b6afb92f Credits...

WordPress Ultimate Blocks – Gutenberg Blocks Plugin Plugin <= 3.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Blocks – Gutenberg Blocks Plugin Type Plugin Vulnerable versions = 3.1.0 Fixed in 3.1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6692 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0c6c4059359d Credit...