Log out
Get PRO

Latest

Input validation vulnerability in Blockspare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites – Post Grids, Sliders, Carousels, Counters, Page Builder & Starter Site Imports, No Coding Needed 3.2.4

  • Severity: medium-risk
  • Status: Fixed
  • Publication: September 3, 2024

The Blockspare plugin for WordPress, which helps create layouts and designs for websites, has a security vulnerability called Stored Cross-Site Scripting. This means that attackers with certain access levels can add harmful code to pages, which will run whenever someone visits that page. This issue affects all versions up to 3.2.4 and is caused by a lack of proper input cleaning and output protection.

Detected in:

Blockspare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites – Post Grids, Sliders, Carousels, Counters, Page Builder & Starter Site Imports, No Coding Needed fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.