CVE-2024-2509
- EPSS 0.21%
- Veröffentlicht 05.04.2024 05:15:07
- Zuletzt bearbeitet 13.05.2025 00:41:04
The Gutenberg Blocks by Kadence Blocks WordPress plugin before 3.2.26 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and ab...
CVE-2024-2919
- EPSS 0.18%
- Veröffentlicht 04.04.2024 03:15:06
- Zuletzt bearbeitet 08.04.2026 19:21:13
The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CountUp Widget in all versions up to, and including, 3.2.31 due to insufficient input sanitization and output esc...
CVE-2024-24888
- EPSS 0.46%
- Veröffentlicht 02.04.2024 19:15:47
- Zuletzt bearbeitet 01.04.2026 16:16:47
Server-Side Request Forgery (SSRF) vulnerability in StellarWP Gutenberg Blocks by Kadence Blocks kadence-blocks.This issue affects Gutenberg Blocks by Kadence Blocks: from n/a through <= 3.2.25.
CVE-2024-23500
- EPSS 0.69%
- Veröffentlicht 28.03.2024 06:15:10
- Zuletzt bearbeitet 01.04.2026 16:16:46
Server-Side Request Forgery (SSRF) vulnerability in StellarWP Gutenberg Blocks by Kadence Blocks kadence-blocks.This issue affects Gutenberg Blocks by Kadence Blocks: from n/a through <= 3.2.19.
CVE-2024-1541
- EPSS 0.23%
- Veröffentlicht 13.03.2024 16:15:24
- Zuletzt bearbeitet 08.04.2026 19:20:47
The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the htmlTag attribute in all versions up to, and including, 3.2.23 due to insufficient input sanitization and output ...