The Qi Blocks WordPress plugin before 1.4 does not validate and escape some of its Countdown block options before outputting them back in a page/post where the block is embed, which could allow users
The Qi Blocks WordPress plugin before 1.4 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the c
The Qi Blocks WordPress plugin before 1.4 does not validate and escape some of its Counter block options before outputting them back in a page/post where the block is embed, which could allow users wi
The Countdown Timer for WordPress Block Editor WordPress plugin through 1.0.5 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed
The Essential Blocks WordPress plugin before 4.7.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users
The Qi Blocks plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.4.3. This is due to the plugin storing arbitrary CSS styles submitted via the `qi-bloc
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘cursor’ parameter in all versions up to, and including, 1.8.7 due to insufficient input sanitizat
The Ultimate Blocks WordPress plugin before 3.2.4 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users w
The Ultimate Blocks WordPress plugin before 3.1.9 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users w
The Post Grid, Posts Slider, Posts Carousel, Post Filter, Post Masonry WordPress plugin before 2.2.93 does not validate and escape some of its block options before outputting them back in a page/post
The WP Map Block WordPress plugin before 2.0.3 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with
The Responsive iframe WordPress plugin through 1.2.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users
The Ultimate Blocks WordPress plugin before 3.2.2 does not validate and escape some of its block attributes before outputting them back in a page/post where the block is embed, which could allow user
The Gutentor WordPress plugin before 3.3.6 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 1.9.1 due to insufficient input sanitization
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's TypeOut Text widget in all versions up to, and including, 1.9.2 due to insufficient input
The Ultimate Blocks WordPress plugin before 3.2.0 does not validate and escape some of its post-grid block attributes before outputting them back in a page/post where the block is embed, which could
The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's content_block shortcode in all versions up to, and including, 3.3.9 due to in
The Website Content in Page or Post WordPress plugin before 2024.04.09 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is e
The SKT Blocks – Gutenberg based Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's skt-blocks/post-carousel block in all versions up to, and including, 1.
Page 1+ Next →