Lucene search
+L
ThemeisleOtter Blocks

10 matches found

CVE
CVE
added 2024/05/02 4:52 p.m.74 views

CVE-2024-3725

CVE-2024-3725 affects the WordPress plugin Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE. In versions up to 2.6.9, stored XSS via the Post Grid widget occurs due to insufficient input sanitization and output escaping on user-supplied attributes (e.g., titleTag). Exploit...

6.4CVSS5.6AI score0.00423EPSS
CVE
CVE
added 2024/03/29 4:31 a.m.71 views

CVE-2024-2841

CVE-2024-2841 affects Otter Blocks – Gutenberg Blocks, Page Builder for WordPress up to v2.6.5; stored XSS via widgets due to insufficient input sanitization and output escaping on attributes like 'id'. Exploitation requires contributor+ privileges; attacker can inject scripts that execute when u...

6.4CVSS7.6AI score0.0034EPSS
CVE
CVE
added 2024/11/27 5:31 a.m.70 views

CVE-2024-11219

CVE-2024-11219 affects Otter Blocks – Gutenberg Blocks, Page Builder for WordPress (WordPress plugin) up to and including v3.0.6. The issue is an unauthenticated path traversal vulnerability in the get_image function that allows viewing arbitrary images on the server, potentially exposing sensiti...

7.5CVSS5.3AI score0.00507EPSS
CVE
CVE
added 2024/04/18 5:0 a.m.70 views

CVE-2024-2729

The Otter Blocks WordPress plugin is vulnerable to a stored XSS in all versions prior to 2.6.6, caused by improper escaping of the mainHeadings block attribute when rendering the final block. This is CVE-2024-2729. A fix is available in version 2.6.6 and later; updating to 2.6.6+ is the advised r...

6.1CVSS8.8AI score0.0042EPSS
CVE
CVE
added 2024/04/11 11:3 a.m.66 views

CVE-2024-3344

CVE-2024-3344 (Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE) is a Stored Cross-Site Scripting vulnerability affecting Otter Blocks up to version 2.6.8. An authenticated attacker with author-level access or higher can upload an SVG file without proper sanitization and, ...

6.4CVSS5.8AI score0.0032EPSS
CVE
CVE
added 2024/04/09 6:58 p.m.64 views

CVE-2024-2226

CVE-2024-2226 affects the Otter Blocks – Gutenberg Blocks plugin for WordPress. The vulnerability is stored XSS in the google-map block via the id parameter, present in all versions up to 2.6.4, due to insufficient input sanitization and output escaping. Exploitation requires an authenticated att...

6.4CVSS7.6AI score0.00358EPSS
CVE
CVE
added 2024/06/08 2:56 p.m.60 views

CVE-2024-35682

Technical details about CVE-2024-35682 are not provided in the supplied documents. Monitor official advisories and CVE updates from vendors and security bulletins for new information.

5.3CVSS5.1AI score0.00345EPSS
CVE
CVE
added 2024/04/11 11:3 a.m.59 views

CVE-2024-3343

CVE-2024-3343 concerns Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE for WordPress. The issue is a Stored Cross-Site Scripting vulnerability in the plugin’s block attributes caused by insufficient input sanitization and output escaping, affecting all versions up to and ...

6.4CVSS5.7AI score0.00343EPSS
CVE
CVE
added 2024/03/13 3:26 p.m.58 views

CVE-2024-1691

CVE-2024-1691 – Otter Blocks PRO (WordPress) suffers Stored Cross-Site Scripting via an SVG file upload vector due to insufficient input sanitization and output escaping. Affected: Otter Blocks PRO – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE PRO (WordPress). Impact: unauthenticate...

6.1CVSS6.2AI score0.00466EPSS
CVE
CVE
added 2024/03/13 3:27 p.m.36 views

CVE-2024-1684

The CVE-2024-1684 entry concerns Otter Blocks PRO (WordPress) versions

6.4CVSS6.1AI score0.00399EPSS