9 matches found
CVE-2025-1664
CVE-2025-1664 affects the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates . The vulnerability is a Stored Cross-Site Scripting via the Parallax slider in all versions up to 5.3.1 due to insufficient input sanitization and output escaping. Exploitation requi...
CVE-2024-13803
CVE-2024-13803 concerns the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates, affecting all versions up to 5.2.3. The vulnerability is a Stored Cross-Site Scripting via the data-marker parameter, caused by insufficient input sanitization and output escaping....
CVE-2024-4891
CVE-2024-4891 affects the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates. Root cause is insufficient input sanitization and output escaping in the tagName parameter, enabling Stored XSS. Impact requires authenticated access (contributor+) to inject scripts...
CVE-2024-2255
The CVE concerns the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates. It describes a Stored XSS flaw in the plugin’s widgets due to insufficient input sanitization and output escaping on user-supplied attributes (e.g., listStyle) in versions up to 4.5.2. Ex...
CVE-2024-47385
CVE-2024-47385 is a stored XSS in the WordPress plugin “Essential Blocks for Gutenberg” (WPDeveloper). Public details indicate the vulnerability affects versions up to and including 4.8.4; exploitation is via improper neutralization of input during web page generation. The patch is available in v...
CVE-2024-1854
CVE-2024-1854 (WordPress plugin: Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates) The vulnerability is a Stored XSS in the blockId parameter across all versions up to and including 4.5.1 of the Essential Blocks plugin for WordPress. The root cause is insufficient input sani...
CVE-2024-31306
CVE-2024-31306 : In the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks (WPDeveloper) there is a Stored XSS vulnerability due to improper input handling during web page generation, affecting versions up to 4.5.3 . The root cause is insufficient input neutralization when renderin...
CVE-2022-47594
CVE-2022-47594 affects the WordPress plugin Essential Blocks for Gutenberg (
CVE-2023-7071
CVE-2023-7071 affects the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates. Versions up to and including 4.4.6 are vulnerable to Stored Cross-Site Scripting via the Table of Contents block due to insufficient input sanitization and output escaping. Exploitat...