WordPress Plugin Vulnerability Report – VK Blocks – Authenticated (Contributor+) Stored Cross-Site Scripting via Block – CVE-2023-5706

Plugin Name: VK Blocks Key Information: Software Type: Plugin Software Slug: vk-blocks Software Status: Active Software Author: vektor-inc Software Downloads: 2,017,789 Active Installs: 80,000 Last Updated: October 24, 2023 Patched Versions: 1.64.0.0 Affected Versions: <= 1.63.0.1 Vulnerability Details: Name: VK Blocks <= 1.63.0.1 – Authenticated (Contributor+) Stored Cross-Site Scripting via Block Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Block Type: Improper Neutralization of Input…

Read More