Vulnerabilities and security researches forb-blocks b-blocks

Jun 07, 2024

CVE, Research URL: ca74bacceb60973eeb228d127379636c61208cb5
Home page URL: Security reports for B Blocks – The ultimate block collection
Application: B Blocks – The ultimate block collection
Date: Jul 18, 2023
Research Description: B Blocks – The ultimate block collection [b-blocks] < 1.7.8 WordPress B Blocks - The ultimate block collection Plugin < 1.7.8 is vulnerable to Cross Site Scripting (XSS) Update the plugin to the latest version. Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress B Blocks - The ultimate block collection Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.7.8.
Affected versions: Min -, max -.
Status: vulnerable

Apr 06, 2025

CVE, Research URL: CVE-2025-32173
Home page URL: Security reports for B Blocks – The ultimate block collection
Application: B Blocks – The ultimate block collection
Date: Apr 04, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins B Blocks - The ultimate block collection allows Stored XSS. This issue affects B Blocks - The ultimate block collection: from n/a through 2.0.0.
Affected versions: Min -, max -.
Status: vulnerable