Filtered by vendor Blockspare Subscriptions
Filtered by product Blockspare Subscriptions

Search

Switch to Advanced Search (Beta)
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-47363 2 Blockspare, Wordpress 2 Blockspare, Wordpress 2025-07-12 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Blockspare allows Stored XSS.This issue affects Blockspare: from n/a through 3.2.4.
CVE-2025-47495 1 Blockspare 1 Blockspare 2025-05-08 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blockspare Blockspare allows Stored XSS. This issue affects Blockspare: from n/a through 3.2.9.
CVE-2024-8325 1 Blockspare 1 Blockspare 2024-10-07 6.4 Medium
The Blockspare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites – Post Grids, Sliders, Carousels, Counters, Page Builder & Starter Site Imports, No Coding Needed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in the ‘blockspare_render_social_sharing_block’ function in all versions up to, and including, 3.2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVE-2024-43164 2 Blockspare, Wordpress 2 Blockspare, Wordpress 2024-08-13 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Blockspare allows Stored XSS.This issue affects Blockspare: from n/a through 3.2.0.