Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
The Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.6.3. This is due to the plugin not pro
The ZoloBlocks – Gutenberg Block Editor Plugin with Advanced Blocks, Dynamic Content, Templates & Patterns plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capa
The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the uagb block in all versions up to, and including, 2.19.0 due to insufficient input san
The Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.10 v
The BlockSpare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites – Post Grids, Sliders, Carousels, Counters, Page Builder & Starter Site Imports, No Coding Needed plugin for WordPress
The Sync Post With Other Site plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'sps_add_update_post' function in all versions up to, and
The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Sensitive Information Exposure in versions less than, or equal to, 2.0.0 via the get_active_plugins function. This mak
The Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.5.5 due to insufficient input
The Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTML data attributes of multiple widgets, in all versions
The VG WORT METIS plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the gutenberg_save_post() function in all versions up to, and including,
The Guten Post Layout – An Advanced Post Grid Collection for WordPress Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ attribute within the 'wp:guten-post-l
The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.19.25. This makes it possible fo
The Stackable – Page Builder Gutenberg Blocks plugin for WordPress is vulnerable to CSS Injection in all versions up to, and including, 3.13.6. This makes it possible for unauthenticated attackers to
The Rise Blocks – A Complete Gutenberg Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘logoTag’ Site Identity block attribute in all versions up to, and includi
The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to unauthorized access of data due to a missing or incorrect capability checks on the g
The Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use
The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 2.19.17. This is due to the plugi
The FastX theme for WordPress is vulnerable to unauthorized limited plugin installation and activation due to missing capability checks on the 'ultp_install_callback' and 'ultp_activate_callback' func
The Simple Downloads List plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax_neofix_sdl_edit' AJAX endpoint along with many other
The PGS Core plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.8