Themeisle

Otter Blocks

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-11219

  • EPSS 1.3%
  • Veröffentlicht 27.11.2024 06:15:18
  • Zuletzt bearbeitet 14.07.2025 17:37:57

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 3.0.6 via the get_image function. This makes it possible for unauthenticated attac...

6.4

CVE-2024-10367

  • EPSS 0.23%
  • Veröffentlicht 01.11.2024 11:15:12
  • Zuletzt bearbeitet 01.11.2024 12:57:03

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 3.0.4 due to insufficient input sanitiz...

5.3

CVE-2024-35682

  • EPSS 0.27%
  • Veröffentlicht 08.06.2024 15:15:50
  • Zuletzt bearbeitet 21.11.2024 09:20:39

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Themeisle Otter Blocks PRO.This issue affects Otter Blocks PRO: from n/a through 2.6.11.

5.4

CVE-2024-3725

  • EPSS 0.2%
  • Veröffentlicht 02.05.2024 17:15:30
  • Zuletzt bearbeitet 21.01.2025 20:07:40

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Post Grid widget in all versions up to, and including, 2.6.9 due to insufficient input san...

6.1

CVE-2024-2729

Exploit
  • EPSS 0.25%
  • Veröffentlicht 18.04.2024 05:15:48
  • Zuletzt bearbeitet 08.05.2025 20:33:19

The Otter Blocks WordPress plugin before 2.6.6 does not properly escape its mainHeadings blocks' attribute before appending it to the final rendered block, allowing contributors to conduct Stored XSS attacks.

5.4

CVE-2024-3343

  • EPSS 0.17%
  • Veröffentlicht 11.04.2024 11:15:48
  • Zuletzt bearbeitet 22.01.2025 19:10:44

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's block attributes in all versions up to, and including, 2.6.8 due to insufficient input san...

5.4

CVE-2024-3344

  • EPSS 0.13%
  • Veröffentlicht 11.04.2024 11:15:48
  • Zuletzt bearbeitet 22.01.2025 19:08:18

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file upload in all versions up to, and including, 2.6.8 due to insufficient input sanitization and ...

5.4

CVE-2024-2226

  • EPSS 0.17%
  • Veröffentlicht 09.04.2024 19:15:30
  • Zuletzt bearbeitet 31.01.2025 01:45:28

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the id parameter in the google-map block in all versions up to, and including, 2.6.4 due to insufficien...

5.4

CVE-2024-2841

  • EPSS 0.18%
  • Veröffentlicht 29.03.2024 05:15:46
  • Zuletzt bearbeitet 23.01.2025 19:26:46

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 2.6.5 due to insufficient input sanitization...

6.1

CVE-2024-1691

  • EPSS 0.9%
  • Veröffentlicht 13.03.2024 16:15:26
  • Zuletzt bearbeitet 23.01.2025 19:51:46

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file upload form, which allows SVG uploads, in all versions up to, and including, 2.6.3 due to insu...