Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates 4.4.6

  • Severity: medium-risk
  • Status: Fixed
  • Publication: January 9, 2024

The Essential Blocks plugin for WordPress, which helps with building pages, is at risk for a type of hacking called Stored Cross-Site Scripting. This is because the plugin does not properly clean up and protect the information that is added to the Table of Contents section. This means that someone who has been given permission to make changes to the website (such as a contributor) could potentially add harmful code to a page that will run when someone else views it.

Detected in:

Essential Blocks – AI-Powered Page Builder Gutenberg Blocks, Patterns & Templates fixed vulnerable versions:
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates fixed vulnerable versions: >= * <= 4.4.6
Essential Blocks for Gutenberg – Page Builder for Gutenberg Blocks & Patterns fixed vulnerable versions:
Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.