Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Blocksy Companion Security Vulnerabilities - February

cve
cve

CVE-2023-1911

The Blocksy Companion WordPress plugin before 1.8.82 does not ensure that posts to be accessed via a shortcode are already public and can be viewed, allowing any authenticated users, such as subscriber to access draft posts for example

4.3CVSS

4.7AI Score

0.001EPSS

2023-05-02 08:15 AM
61
cve
cve

CVE-2023-23898

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in CreativeThemes Blocksy Companion plugin <= 1.8.67 versions.

5.5CVSS

5.2AI Score

0.001EPSS

2023-04-06 11:15 AM
26
cve
cve

CVE-2024-31932

Cross-Site Request Forgery (CSRF) vulnerability in CreativeThemes Blocksy Companion.This issue affects Blocksy Companion: from n/a through 2.0.28.

5.4CVSS

6.8AI Score

0.0004EPSS

2024-04-11 01:15 PM
27
cve
cve

CVE-2024-35633

Server-Side Request Forgery (SSRF) vulnerability in CreativeThemes Blocksy Companion.This issue affects Blocksy Companion: from n/a through 2.0.42.

4.4CVSS

7.2AI Score

0.0004EPSS

2024-06-03 10:15 AM
17