Wpdeveloper

Essential Blocks

25 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2024-30467

  • EPSS 0.38%
  • Veröffentlicht 09.06.2024 11:15:50
  • Zuletzt bearbeitet 21.11.2024 09:11:59

Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg.This issue affects Essential Blocks for Gutenberg: from n/a through 4.4.9.

5.4

CVE-2024-4891

  • EPSS 0.35%
  • Veröffentlicht 18.05.2024 05:15:46
  • Zuletzt bearbeitet 30.01.2025 15:45:34

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tagName’ parameter in versions up to, and including, 4.5.12 due to insufficient input sanitization a...

5.4

CVE-2024-3818

  • EPSS 0.17%
  • Veröffentlicht 19.04.2024 03:15:06
  • Zuletzt bearbeitet 21.01.2025 19:40:10

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's "Social Icons" block in all versions up to, and including, 4.5.9 due to insufficient input s...

5.4

CVE-2024-31306

  • EPSS 0.14%
  • Veröffentlicht 07.04.2024 18:15:12
  • Zuletzt bearbeitet 22.01.2025 17:43:48

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Stored XSS.This issue affects Essential Blocks for Gutenberg: from n/a through 4.5.3.

5.4

CVE-2024-2255

  • EPSS 0.1%
  • Veröffentlicht 20.03.2024 04:15:10
  • Zuletzt bearbeitet 27.01.2025 15:26:09

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 4.5.2 due to insufficient input sanitization a...

5.4

CVE-2024-1854

  • EPSS 0.23%
  • Veröffentlicht 13.03.2024 16:15:27
  • Zuletzt bearbeitet 22.01.2025 20:04:10

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blockId parameter in all versions up to, and including, 4.5.1 due to insufficient input sanitization ...

9.8

CVE-2023-6623

Exploit
  • EPSS 89.36%
  • Veröffentlicht 15.01.2024 16:15:12
  • Zuletzt bearbeitet 11.06.2025 17:15:39

The Essential Blocks WordPress plugin before 4.4.3 does not prevent unauthenticated attackers from overwriting local variables when rendering templates over the REST API, which may lead to Local File Inclusion attacks.

5.4

CVE-2023-7071

  • EPSS 0.18%
  • Veröffentlicht 11.01.2024 09:15:55
  • Zuletzt bearbeitet 03.06.2025 14:15:42

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Table of Contents block in all versions up to, and including, 4.4.6 due to insufficient input sanitiz...

8.1

CVE-2023-4386

  • EPSS 4.04%
  • Veröffentlicht 20.10.2023 08:15:12
  • Zuletzt bearbeitet 21.11.2024 08:35:02

The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 4.2.0 via deserialization of untrusted input in the get_posts function. This allows unauthenticated attackers to inject a PHP Object. No...

9.8

CVE-2023-4402

Exploit
  • EPSS 2.87%
  • Veröffentlicht 20.10.2023 07:15:15
  • Zuletzt bearbeitet 21.11.2024 08:35:04

The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 4.2.0 via deserialization of untrusted input in the get_products function. This allows unauthenticated attackers to inject a PHP Object....