Kadencewp Gutenberg Blocks With Ai vulnerabilities
25 known vulnerabilities affecting kadencewp/gutenberg_blocks_with_ai.
Total CVEs
25
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM24
Vulnerabilities
Page 2 of 2
CVE-2024-2509MEDIUMCVSS 6.5fixed in 3.2.262024-04-05
CVE-2024-2509 [MEDIUM] CWE-79 CVE-2024-2509: The Gutenberg Blocks by Kadence Blocks WordPress plugin before 3.2.26 does not validate and escape s
The Gutenberg Blocks by Kadence Blocks WordPress plugin before 3.2.26 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
nvd
CVE-2024-2919MEDIUMCVSS 5.4fixed in 3.2.322024-04-04
CVE-2024-2919 [MEDIUM] CWE-79 CVE-2024-2919: The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to
The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CountUp Widget in all versions up to, and including, 3.2.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-
nvd
CVE-2024-24888MEDIUMCVSS 6.5fixed in 3.2.262024-04-02
CVE-2024-24888 [MEDIUM] CWE-918 CVE-2024-24888: Server-Side Request Forgery (SSRF) vulnerability in StellarWP Gutenberg Blocks by Kadence Blocks kad
Server-Side Request Forgery (SSRF) vulnerability in StellarWP Gutenberg Blocks by Kadence Blocks kadence-blocks.This issue affects Gutenberg Blocks by Kadence Blocks: from n/a through <= 3.2.25.
nvd
CVE-2024-23500MEDIUMCVSS 6.5fixed in 3.2.202024-03-28
CVE-2024-23500 [MEDIUM] CWE-918 CVE-2024-23500: Server-Side Request Forgery (SSRF) vulnerability in StellarWP Gutenberg Blocks by Kadence Blocks kad
Server-Side Request Forgery (SSRF) vulnerability in StellarWP Gutenberg Blocks by Kadence Blocks kadence-blocks.This issue affects Gutenberg Blocks by Kadence Blocks: from n/a through <= 3.2.19.
nvd
CVE-2024-1541MEDIUMCVSS 5.4≤ 3.2.232024-03-13
CVE-2024-1541 [MEDIUM] CWE-79 CVE-2024-1541: The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to
The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the htmlTag attribute in all versions up to, and including, 3.2.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inje
nvd
← Previous2 / 2