Skip to main content

Vk Blocks

5 CVEs product

Monthly

CVE-2023-5706 MEDIUM PATCH This Month

The VK Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'vk-blocks/ancestor-page-list' block in all versions up to, and including, 1.63.0.1 due to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Vk Blocks
NVD VulDB
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-0584 MEDIUM PATCH This Month

The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'update_options' function in versions up to, and including, 1.57.0.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

WordPress Authentication Bypass Vk Blocks
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-0583 MEDIUM PATCH This Month

The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'update_vk_blocks_options' function in versions up to, and including, 1.57.0.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

WordPress Authentication Bypass Vk Blocks
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-27925 MEDIUM This Month

Cross-site scripting vulnerability in Post function of VK Blocks 1.53.0.1 and earlier and VK Blocks Pro 1.53.0.1 and earlier allows a remote authenticated attacker to inject an arbitrary script. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Vk Blocks
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-27923 MEDIUM This Month

Cross-site scripting vulnerability in Tag edit function of VK Blocks 1.53.0.1 and earlier and VK Blocks Pro 1.53.0.1 and earlier allows a remote authenticated attacker to inject an arbitrary script. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Vk Blocks
NVD
CVSS 3.1
5.4
EPSS
0.6%
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

The VK Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'vk-blocks/ancestor-page-list' block in all versions up to, and including, 1.63.0.1 due to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Vk Blocks
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'update_options' function in versions up to, and including, 1.57.0.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

WordPress Authentication Bypass Vk Blocks
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'update_vk_blocks_options' function in versions up to, and including, 1.57.0.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

WordPress Authentication Bypass Vk Blocks
NVD VulDB
EPSS 1% CVSS 5.4
MEDIUM This Month

Cross-site scripting vulnerability in Post function of VK Blocks 1.53.0.1 and earlier and VK Blocks Pro 1.53.0.1 and earlier allows a remote authenticated attacker to inject an arbitrary script. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Vk Blocks
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Cross-site scripting vulnerability in Tag edit function of VK Blocks 1.53.0.1 and earlier and VK Blocks Pro 1.53.0.1 and earlier allows a remote authenticated attacker to inject an arbitrary script. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Vk Blocks
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy