cleantalk
Vulnerabilities and Security Researches

B Blocks – The ultimate block collection, CVE-2025-32173

CVE, Research URL

CVE-2025-32173

Home page URL

Security reports for B Blocks – The ultimate block collection

Application

B Blocks – The ultimate block collection

Published on
Apr 04, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins B Blocks - The ultimate block collection allows Stored XSS. This issue affects B Blocks - The ultimate block collection: from n/a through 2.0.0.
Affected versions
Min -, max 2.0.0.
Status
vulnerable
Previous vulnerability researches
Clearout Email Validator – Real Time Email Validation on WordPress Forms (CVE-2025-30789) , Mar 28, 2025
New vulnerability
Advanced All in One Admin Search by WP Spotlight (CVE-2025-32261) , Apr 06, 2025
Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC (CVE-2025-32219) , Apr 06, 2025
Salon booking system (CVE-2025-32220) , Apr 06, 2025
1 Click WordPress Migration Plugin – 100% FREE for a limited time (CVE-2025-32257) , Apr 06, 2025
Sparkle Elementor Kit (CVE-2025-32157) , Apr 06, 2025