Blocksy Security Vulnerabilities and Issues — Blocksy CVE List

Lucene search

CreativethemesBlocksy

3 matches found

CVE•added 2024/05/14 3:43 p.m.•60 views

CVE-2024-4158

The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tagName’ parameter in versions up to, and including, 2.0.42 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and ab...

6.4CVSS5.8AI score0.00119EPSS

CVE•added 2024/05/02 5:15 p.m.•48 views

CVE-2024-3747

The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scripting via the className parameter in the About Me block in all versions up to, and including, 2.0.39 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributo...

6.4CVSS5.7AI score0.00144EPSS

CVE•added 2024/05/21 3:15 a.m.•43 views

CVE-2024-4943

The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘has_field_link_rel’ parameter in all versions up to, and including, 2.0.46 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acc...

6.4CVSS5.8AI score0.00145EPSS