Kadencewp

Gutenberg Blocks With Ai

25 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2024-4863

  • EPSS 0.28%
  • Veröffentlicht 14.06.2024 09:15:10
  • Zuletzt bearbeitet 07.02.2025 17:02:22

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘titleFont’ parameter in all versions up to, and including, 3.2.38 due to insufficient input sanitization and...

6.1

CVE-2024-4057

Exploit
  • EPSS 0.24%
  • Veröffentlicht 04.06.2024 06:15:10
  • Zuletzt bearbeitet 21.05.2025 19:10:32

The Gutenberg Blocks with AI by Kadence WP WordPress plugin before 3.2.37 does not validate and escape some of its block attributes before outputting them back in a page/post where the block is embed, which could allow users with the contributor rol...

5.4

CVE-2024-4208

  • EPSS 0.31%
  • Veröffentlicht 15.05.2024 03:15:14
  • Zuletzt bearbeitet 07.02.2025 02:35:22

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the typer effect in the advanced heading widget in all versions up to, and including, 3.2.37 due to insufficient ...

5.4

CVE-2024-3189

  • EPSS 0.16%
  • Veröffentlicht 15.05.2024 03:15:13
  • Zuletzt bearbeitet 07.02.2025 02:33:04

The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Testimonial', 'Progress Bar', 'Lottie Animations', 'Row Layout', 'Google Maps', and 'Advanced Gallery' ...

5.4

CVE-2024-4481

  • EPSS 0.2%
  • Veröffentlicht 14.05.2024 15:43:52
  • Zuletzt bearbeitet 07.02.2025 02:27:48

The Gutenberg Blocks with AI by Kadence WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' attribute of the plugin's blocks in all versions up to, and including, 3.2.36 due to insufficient input sanitization and outpu...

5.4

CVE-2024-4209

  • EPSS 0.28%
  • Veröffentlicht 14.05.2024 15:43:06
  • Zuletzt bearbeitet 07.02.2025 02:25:42

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the countdown timer in all versions up to, and including, 3.2.36 due to insufficient input sanitization and outpu...

5.4

CVE-2024-2273

  • EPSS 0.19%
  • Veröffentlicht 02.05.2024 17:15:16
  • Zuletzt bearbeitet 07.02.2025 02:17:45

The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 3.2.34 due to insufficient input sanitization and output esc...

5.4

CVE-2024-1999

  • EPSS 0.25%
  • Veröffentlicht 09.04.2024 19:15:22
  • Zuletzt bearbeitet 07.02.2025 17:54:53

The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonial Widget's anchor style parameter in all versions up to, and including, 3.2.25 due to insufficient inpu...

4.8

CVE-2024-0598

Exploit
  • EPSS 0.6%
  • Veröffentlicht 09.04.2024 19:15:14
  • Zuletzt bearbeitet 06.02.2025 18:51:23

The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the contact form message settings in all versions up to and including 3.2.17 due to insufficient input sanitization a...

6.4

CVE-2023-6964

  • EPSS 0.26%
  • Veröffentlicht 09.04.2024 19:15:13
  • Zuletzt bearbeitet 06.02.2025 18:53:58

The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.26 via the 'kadence_import_get_new_connection_data' AJAX action. This makes it ...