Getwid@* Security Vulnerabilities and Issues — Getwid@* CVE List

Lucene search

MotopressGetwid*

8 matches found

CVE•added 2024/07/20 7:15 a.m.•81 views

CVE-2024-6489

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the get_google_api_key function in all versions up to, and including, 2.0.10. This makes it possible for authenticated attackers, with Contributor-level access ...

5.3CVSS5AI score0.00104EPSS

CVE•added 2024/07/20 7:15 a.m.•73 views

CVE-2024-6491

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mailchimp_api_key_manage function in all versions up to, and including, 2.0.10. This makes it possible for authenticated attackers, with Contributor-level a...

4.3CVSS4.3AI score0.00101EPSS

CVE•added 2024/01/08 7:15 p.m.•51 views

CVE-2023-6042

Any unauthenticated user may send e-mail from the site with any title or content to the admin

7.5CVSS7.5AI score0.00392EPSS

CVE•added 2024/04/09 7:15 p.m.•46 views

CVE-2024-1948

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the block content in all versions up to, and including, 2.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access a...

6.4CVSS7.6AI score0.00157EPSS

CVE•added 2024/02/05 10:15 p.m.•37 views

CVE-2023-6963

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 2.0.4. This makes it possible for unauthenticated attackers to bypass the Captcha Verification of the Contact Form block by omitting 'g-recaptcha-response' from the 'data' array.

5.3CVSS5.6AI score0.00122EPSS

CVE•added 2024/11/20 11:15 a.m.•35 views

CVE-2024-10872

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the template-post-custom-field block in all versions up to, and including, 2.0.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with ...

6.4CVSS5.4AI score0.00039EPSS

CVE•added 2024/02/05 10:15 p.m.•34 views

CVE-2023-6959

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the recaptcha_api_key_manage function in all versions up to, and including, 2.0.3. This makes it possible for authenticated attackers, with subscriber-level acc...

4.3CVSS4.6AI score0.00119EPSS

CVE•added 2024/05/02 5:15 p.m.•32 views

CVE-2024-3588

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown block in all versions up to, and including, 2.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...

6.4CVSS5.7AI score0.00289EPSS