Kadencewp

Gutenberg Blocks With Ai

25 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-5678

  • EPSS 0.04%
  • Veröffentlicht 09.07.2025 01:44:51
  • Zuletzt bearbeitet 17.07.2025 13:31:56

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘redirectURL’ parameter in all versions up to, and including, 3.5.10 due to insufficient input sanitization a...

8.8

CVE-2025-24753

  • EPSS 0.08%
  • Veröffentlicht 24.01.2025 18:15:48
  • Zuletzt bearbeitet 07.02.2025 14:39:27

Missing Authorization vulnerability in Kadence WP Gutenberg Blocks by Kadence Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Gutenberg Blocks by Kadence Blocks: from n/a through 3.3.1.

5.4

CVE-2024-12304

  • EPSS 0.04%
  • Veröffentlicht 11.01.2025 04:15:06
  • Zuletzt bearbeitet 07.02.2025 17:03:45

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via button block link in all versions up to, and including, 3.4.2 due to insufficient input sanitization and output e...

4.8

CVE-2024-12581

Exploit
  • EPSS 0.04%
  • Veröffentlicht 13.12.2024 06:15:26
  • Zuletzt bearbeitet 06.02.2025 15:36:33

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.2.53 due to insufficient input sanitization and output esc...

5.4

CVE-2024-10637

Exploit
  • EPSS 0.02%
  • Veröffentlicht 12.12.2024 06:15:20
  • Zuletzt bearbeitet 07.05.2025 13:19:33

The Gutenberg Blocks with AI by Kadence WP WordPress plugin before 3.2.54 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role a...

5.4

CVE-2024-10785

  • EPSS 0.06%
  • Veröffentlicht 21.11.2024 11:15:22
  • Zuletzt bearbeitet 07.02.2025 17:03:34

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Countdown' widget in all versions up to, and including, 3.3.3 due to insufficient input sanitization and out...

5.4

CVE-2024-9655

  • EPSS 0.1%
  • Veröffentlicht 01.11.2024 08:15:12
  • Zuletzt bearbeitet 07.02.2025 17:03:14

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Icon widget in all versions up to, and including, 6.6.2 due to insufficient input sanitization and o...

5.4

CVE-2024-6884

Exploit
  • EPSS 0.14%
  • Veröffentlicht 08.08.2024 06:15:41
  • Zuletzt bearbeitet 27.05.2025 21:11:01

The Gutenberg Blocks with AI by Kadence WP WordPress plugin before 3.2.39 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role a...

5.4

CVE-2024-5819

  • EPSS 0.16%
  • Veröffentlicht 29.06.2024 10:15:02
  • Zuletzt bearbeitet 07.02.2025 17:02:49

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to DOM-based Stored Cross-Site Scripting via HTML data attributes in all versions up to, and including, 3.2.45 due to insufficient input sanitizatio...

5.4

CVE-2024-5289

  • EPSS 0.19%
  • Veröffentlicht 27.06.2024 03:15:50
  • Zuletzt bearbeitet 21.11.2024 09:47:21

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Maps widget parameters in all versions up to, and including, 3.2.42 due to insufficient input sanitiza...