cleantalk
Vulnerabilities and Security Researches

B Blocks – The ultimate block collection, ca74bacceb60973eeb228d127379636c61208cb5

CVE, Research URL

ca74bacceb60973eeb228d127379636c61208cb5

Home page URL

Security reports for B Blocks – The ultimate block collection

Application

B Blocks – The ultimate block collection

Published on
Jul 18, 2023
Research Description
B Blocks &#8211; The ultimate block collection [b-blocks] < 1.7.8 WordPress B Blocks - The ultimate block collection Plugin < 1.7.8 is vulnerable to Cross Site Scripting (XSS) Update the plugin to the latest version. Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress B Blocks - The ultimate block collection Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.7.8.
Affected versions
Min -, max 1.7.8.
Status
vulnerable
Previous vulnerability researches
B Blocks &#8211; The ultimate block collection (ca74bacceb60973eeb228d127379636c61208cb5) , Jun 07, 2024
B Blocks &#8211; The ultimate block collection (CVE-2025-32173) , Apr 06, 2025
New vulnerability
DN Shipping by Weight for WooCommerce (CVE-2025-32535) , Apr 17, 2025
Sign-up Sheets (CVE-2025-26996) , Apr 17, 2025
Cart66 Cloud :: WordPress Ecommerce The Easy Way (CVE-2025-32653) , Apr 17, 2025
C9 Blocks (CVE-2025-26951) , Apr 17, 2025
Widget for Social Page Feeds (CVE-2024-13207) , Apr 17, 2025