Lucene search
K
GodaddyCoblocks

4 matches found

CVE
CVE
added 2024/04/02 5:0 a.m.92 views

CVE-2024-2369

CVE-2024-2369 affects WordPress Page Builder Gutenberg Blocks (CoBlocks) prior to 3.1.7. The root cause is that the plugin does not validate and escape certain block options before output, enabling stored XSS for users with the contributor role or higher when the block is embedded in a post/page....

5.4CVSS5.5AI score0.00446EPSS
CVE
CVE
added 2024/03/23 3:33 a.m.70 views

CVE-2024-1049

CVE-2024-1049 affects the WordPress plugin Page Builder Gutenberg Blocks – CoBlocks . It is vulnerable to Stored Cross-Site Scripting via the plugin’s Icon Widget, in all versions up to 3.1.6, due to insufficient input sanitization and output escaping on the link value. The vulnerability requires...

6.4CVSS7.6AI score0.00323EPSS
CVE
CVE
added 2024/07/23 6:0 a.m.66 views

CVE-2024-4260

CVE-2024-4260 concerns the WordPress plugin Page Builder Gutenberg Blocks (CoBlocks) , prior to version 3.1.12. The issue arises from the plugin not restricting pinging to arbitrary hosts via some of its shortcodes, potentially enabling a high-privilege user (e.g., a Contributor) to perform an SS...

6.5CVSS6.5AI score0.00541EPSS
CVE
CVE
added 2024/08/29 6:0 a.m.62 views

CVE-2024-7132

CVE-2024-7132 affects the Page Builder Gutenberg Blocks WordPress plugin prior to version 3.1.13. The issue stems from insufficient escaping of the content of post embeds in one block, enabling stored Cross-Site Scripting by users with publish-post capability (editors/admin by default), even when...

4.8CVSS4.8AI score0.00379EPSS