VYPR

Spice Blocks

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-48130HigJun 9, 2025
    risk 0.49cvss 7.5epss 0.00

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in spicethemes Spice Blocks spice-blocks allows Path Traversal.This issue affects Spice Blocks: from n/a through <= 2.0.7.4.

  • CVE-2025-39532HigApr 17, 2025
    risk 0.49cvss 7.5epss 0.00

    Missing Authorization vulnerability in spicethemes Spice Blocks spice-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spice Blocks: from n/a through <= 2.0.7.7.