Themeisle

Otter Blocks

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2026-2892

  • EPSS 0.32%
  • Veröffentlicht 30.04.2026 13:28:21
  • Zuletzt bearbeitet 30.04.2026 14:52:54

The Otter Blocks plugin for WordPress is vulnerable to Purchase Verification Bypass in all versions up to, and including, 3.1.4. This is due to the 'get_customer_data' method relying on an unsigned 'o_stripe_data' cookie to determine Stripe product o...

7.5

CVE-2024-11219

  • EPSS 0.51%
  • Veröffentlicht 27.11.2024 06:15:18
  • Zuletzt bearbeitet 14.07.2025 17:37:57

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 3.0.6 via the get_image function. This makes it possible for unauthenticated attac...

6.4

CVE-2024-10367

  • EPSS 0.35%
  • Veröffentlicht 01.11.2024 11:15:12
  • Zuletzt bearbeitet 15.04.2026 00:35:42

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 3.0.4 due to insufficient input sanitiz...

5.3

CVE-2024-35682

  • EPSS 0.35%
  • Veröffentlicht 08.06.2024 15:15:50
  • Zuletzt bearbeitet 28.04.2026 19:25:35

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Themeisle Otter Blocks PRO.This issue affects Otter Blocks PRO: from n/a through 2.6.11.

5.4

CVE-2024-3725

  • EPSS 0.42%
  • Veröffentlicht 02.05.2024 17:15:30
  • Zuletzt bearbeitet 08.04.2026 19:21:26

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Post Grid widget in all versions up to, and including, 2.6.9 due to insufficient input san...

6.1

CVE-2024-2729

Exploit
  • EPSS 0.42%
  • Veröffentlicht 18.04.2024 05:15:48
  • Zuletzt bearbeitet 08.05.2025 20:33:19

The Otter Blocks WordPress plugin before 2.6.6 does not properly escape its mainHeadings blocks' attribute before appending it to the final rendered block, allowing contributors to conduct Stored XSS attacks.

5.4

CVE-2024-3343

  • EPSS 0.34%
  • Veröffentlicht 11.04.2024 11:15:48
  • Zuletzt bearbeitet 08.04.2026 18:21:23

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's block attributes in all versions up to, and including, 2.6.8 due to insufficient input san...

5.4

CVE-2024-3344

  • EPSS 0.32%
  • Veröffentlicht 11.04.2024 11:15:48
  • Zuletzt bearbeitet 08.04.2026 19:21:20

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file upload in all versions up to, and including, 2.6.8 due to insufficient input sanitization and ...

5.4

CVE-2024-2226

  • EPSS 0.36%
  • Veröffentlicht 09.04.2024 19:15:30
  • Zuletzt bearbeitet 08.04.2026 17:18:32

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the id parameter in the google-map block in all versions up to, and including, 2.6.4 due to insufficien...

5.4

CVE-2024-2841

  • EPSS 0.34%
  • Veröffentlicht 29.03.2024 05:15:46
  • Zuletzt bearbeitet 08.04.2026 18:21:14

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 2.6.5 due to insufficient input sanitization...