Auth. (author+) Cross-Site Scripting (XSS) vulnerability in Wpsoul Greenshift β animation and page builder blocks plugin <= 4.9.9 versions.
5.9CVSS
5.3AI Score
0.001EPSS
The Greenshift β animation and page builder blocks plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation on the 'gspb_save_files' function in versions up to, and including, 7.6.2. This makes it possible for authenticated attackers with administrator-level ...
7.2CVSS
7.4AI Score
0.001EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wpsoul Greenshift β animation and page builder blocks allows Stored XSS.This issue affects Greenshift β animation and page builder blocks: from n/a through 8.8.9.1.
6.5CVSS
6.5AI Score
0.0004EPSS
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wpsoul Greenshift Woocommerce Addon allows SQL Injection.This issue affects Greenshift Woocommerce Addon: from n/a before 1.9.8.
8.8CVSS
8.8AI Score
0.001EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wpsoul Greenshift β animation and page builder blocks allows Stored XSS.This issue affects Greenshift β animation and page builder blocks: from n/a through 9.3.7.
6.5CVSS
6.5AI Score
0.0004EPSS