CVE-2024-13549
- EPSS 0.08%
- Veröffentlicht 30.01.2025 14:15:34
- Zuletzt bearbeitet 31.01.2025 18:10:28
The All Bootstrap Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the "Accordion" widget in all versions up to, and including, 1.3.26 due to insufficient input sanitization and output escaping. This makes it possible for ...
CVE-2024-53824
- EPSS 0.58%
- Veröffentlicht 06.12.2024 14:15:24
- Zuletzt bearbeitet 06.12.2024 14:15:24
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AREOI All Bootstrap Blocks allows PHP Local File Inclusion.This issue affects All Bootstrap Blocks: from n/a through 1.3.19.
CVE-2024-43349
- EPSS 0.12%
- Veröffentlicht 18.08.2024 14:15:08
- Zuletzt bearbeitet 19.08.2024 12:59:59
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AREOI All Bootstrap Blocks allows Stored XSS.This issue affects All Bootstrap Blocks: from n/a through 1.3.19.
CVE-2024-35169
- EPSS 0.19%
- Veröffentlicht 14.05.2024 15:39:40
- Zuletzt bearbeitet 21.11.2024 09:19:51
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AREOI All Bootstrap Blocks allows Stored XSS.This issue affects All Bootstrap Blocks: from n/a through 1.3.15.
CVE-2023-35047
- EPSS 0.07%
- Veröffentlicht 11.07.2023 12:15:09
- Zuletzt bearbeitet 21.11.2024 08:07:52
Cross-Site Request Forgery (CSRF) vulnerability in AREOI All Bootstrap Blocks plugin <= 1.3.6 versions.