CVE-2024-6432
- EPSS 0.12%
- Veröffentlicht 20.02.2025 10:15:11
- Zuletzt bearbeitet 25.02.2025 18:22:51
The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘content’ parameter within the plugin's shortcode Content Block in all versions up to, and including, 3.3.5 due to insufficient input sa...
CVE-2024-44051
- EPSS 0.16%
- Veröffentlicht 17.09.2024 23:15:20
- Zuletzt bearbeitet 24.09.2024 22:03:20
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Johan van der Wijk Content Blocks (Custom Post Widget) allows Stored XSS.This issue affects Content Blocks (Custom Post Widget): from n/a thr...
CVE-2024-3565
- EPSS 0.36%
- Veröffentlicht 01.06.2024 04:15:09
- Zuletzt bearbeitet 19.02.2025 16:08:35
The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'content_block' shortcode in all versions up to, and including, 3.3.0 due to insufficient input sanitization and output escapin...
CVE-2024-3564
- EPSS 0.71%
- Veröffentlicht 01.06.2024 04:15:08
- Zuletzt bearbeitet 19.02.2025 16:09:31
The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.0 via the plugin's 'content_block' shortcode. This makes it possible for authenticated attackers, with contri...
CVE-2024-34566
- EPSS 0.29%
- Veröffentlicht 08.05.2024 11:15:24
- Zuletzt bearbeitet 12.02.2025 01:40:13
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Johan van der Wijk Content Blocks (Custom Post Widget) allows Stored XSS.This issue affects Content Blocks (Custom Post Widget): from n/a through 3....