Brainstormforce

Spectra

24 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2024-7590

  • EPSS 0.31%
  • Veröffentlicht 12.08.2024 22:15:12
  • Zuletzt bearbeitet 23.04.2026 15:22:51

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Spectra ultimate-addons-for-gutenberg allows DOM-Based XSS.This issue affects Spectra: from n/a through <= 2.14.1.

8.8

CVE-2023-36676

  • EPSS 0.46%
  • Veröffentlicht 19.06.2024 14:15:11
  • Zuletzt bearbeitet 21.11.2024 08:10:20

Missing Authorization vulnerability in Brainstorm Force Spectra.This issue affects Spectra: from n/a through 2.6.6.

5.3

CVE-2023-23738

  • EPSS 0.33%
  • Veröffentlicht 03.06.2024 22:15:09
  • Zuletzt bearbeitet 10.04.2025 18:55:39

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Brainstorm Force Spectra allows Content Spoofing, Phishing.This issue affects Spectra: from n/a through 2.3.0.

6.1

CVE-2023-23735

  • EPSS 0.28%
  • Veröffentlicht 03.06.2024 22:15:09
  • Zuletzt bearbeitet 01.03.2025 01:48:32

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Brainstorm Force Spectra allows Code Injection.This issue affects Spectra: from n/a through 2.3.0.

5.3

CVE-2023-23730

  • EPSS 0.37%
  • Veröffentlicht 03.06.2024 22:15:08
  • Zuletzt bearbeitet 10.04.2025 18:38:28

Improper Restriction of Excessive Authentication Attempts vulnerability in Brainstorm Force Spectra allows Functionality Bypass.This issue affects Spectra: from n/a through 2.3.0.

5.4

CVE-2024-4366

  • EPSS 0.26%
  • Veröffentlicht 24.05.2024 08:15:09
  • Zuletzt bearbeitet 08.04.2026 18:21:47

The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘block_id’ parameter in versions up to, and including, 2.13.0 due to insufficient input sanitization and output escaping. This makes it...

5.4

CVE-2024-1815

  • EPSS 0.27%
  • Veröffentlicht 23.05.2024 11:15:23
  • Zuletzt bearbeitet 08.04.2026 17:18:26

The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Gallery block in all versions up to, and including, 2.12.8 due to insufficient input sanitization and output escaping on...

5.4

CVE-2024-1814

  • EPSS 0.26%
  • Veröffentlicht 23.05.2024 11:15:23
  • Zuletzt bearbeitet 08.04.2026 19:20:53

The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Testimonial block in all versions up to, and including, 2.12.8 due to insufficient input sanitization and output escaping on u...

4.3

CVE-2024-3107

  • EPSS 0.62%
  • Veröffentlicht 02.05.2024 17:15:22
  • Zuletzt bearbeitet 08.04.2026 17:18:41

The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Path Traversal in versions up to, and including, 2.12.6 via the get_block_default_attributes function. This allows authenticated attackers, with contributor-level permissi...

5.4

CVE-2023-6486

Exploit
  • EPSS 0.57%
  • Veröffentlicht 09.04.2024 19:15:12
  • Zuletzt bearbeitet 08.04.2026 19:18:55

The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom CSS metabox in all versions up to and including 2.10.3 due to insufficient input sanitization and output escaping. This makes it...