VYPR

Recipe Card Blocks By Wpzoom

by WordPress

Source repositories

CVEs (6)

  • CVE-2025-14973MedJan 26, 2026
    risk 0.44cvss 6.8epss 0.00

    The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks.

  • CVE-2025-62019MedOct 22, 2025
    risk 0.42cvss 6.5epss 0.00

    Missing Authorization vulnerability in WPZOOM Recipe Card Blocks for Gutenberg & Elementor recipe-card-blocks-by-wpzoom.This issue affects Recipe Card Blocks for Gutenberg & Elementor: from n/a through <= 3.4.8.

  • CVE-2021-24632MedSep 27, 2021
    risk 0.40cvss 6.1epss 0.01

    The Recipe Card Blocks by WPZOOM WordPress plugin before 2.8.1 does not escape the message parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting issue

  • CVE-2026-3011MedJun 8, 2026
    risk 0.35cvss 6.4epss 0.00

    The Recipe Card Blocks Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the recipe block's 'summary' and 'notes' attributes in all versions up to, and including, 3.4.13. This is due to the 'WPZOOM_Helpers::deserialize_block_attributes' method converting…

  • CVE-2021-24634MedSep 27, 2021
    risk 0.35cvss 5.4epss 0.01

    The Recipe Card Blocks by WPZOOM WordPress plugin before 2.8.3 does not properly sanitise or escape some of the properties of the Recipe Card Block (such as ingredientsLayout, iconSet, steps, ingredients, recipeTitle, or settings), which could allow users with a role as low as…

  • CVE-2025-26983MedFeb 25, 2025
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in WPZOOM Recipe Card Blocks for Gutenberg & Elementor recipe-card-blocks-by-wpzoom allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Recipe Card Blocks for Gutenberg & Elementor: from n/a through <=…