All Bootstrap Blocks
by WordPress
Source repositories
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-53824 | Hig | 0.49 | 7.5 | 0.01 | Dec 6, 2024 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in all_bootstrap_blocks All Bootstrap Blocks all-bootstrap-blocks allows PHP Local File Inclusion.This issue affects All Bootstrap Blocks: from n/a through <=… | ||
| CVE-2025-54733 | Med | 0.42 | 6.5 | 0.00 | Aug 28, 2025 | Missing Authorization vulnerability in all_bootstrap_blocks All Bootstrap Blocks all-bootstrap-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects All Bootstrap Blocks: from n/a through <= 1.3.28. | ||
| CVE-2024-43349 | Med | 0.42 | 6.5 | 0.00 | Aug 18, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in all_bootstrap_blocks All Bootstrap Blocks all-bootstrap-blocks.This issue affects All Bootstrap Blocks: from n/a through <= 1.3.19. | ||
| CVE-2024-35169 | Med | 0.38 | 5.9 | 0.00 | May 14, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in all_bootstrap_blocks All Bootstrap Blocks all-bootstrap-blocks.This issue affects All Bootstrap Blocks: from n/a through <= 1.3.15. | ||
| CVE-2024-13549 | Med | 0.35 | 6.4 | 0.00 | Jan 30, 2025 | The All Bootstrap Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the "Accordion" widget in all versions up to, and including, 1.3.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with… | ||
| CVE-2023-35047 | Med | 0.28 | 4.3 | 0.00 | Jul 11, 2023 | Cross-Site Request Forgery (CSRF) vulnerability in AREOI All Bootstrap Blocks plugin <= 1.3.6 versions. |
- risk 0.49cvss 7.5epss 0.01
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in all_bootstrap_blocks All Bootstrap Blocks all-bootstrap-blocks allows PHP Local File Inclusion.This issue affects All Bootstrap Blocks: from n/a through <=…
- risk 0.42cvss 6.5epss 0.00
Missing Authorization vulnerability in all_bootstrap_blocks All Bootstrap Blocks all-bootstrap-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects All Bootstrap Blocks: from n/a through <= 1.3.28.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in all_bootstrap_blocks All Bootstrap Blocks all-bootstrap-blocks.This issue affects All Bootstrap Blocks: from n/a through <= 1.3.19.
- risk 0.38cvss 5.9epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in all_bootstrap_blocks All Bootstrap Blocks all-bootstrap-blocks.This issue affects All Bootstrap Blocks: from n/a through <= 1.3.15.
- risk 0.35cvss 6.4epss 0.00
The All Bootstrap Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the "Accordion" widget in all versions up to, and including, 1.3.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with…
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in AREOI All Bootstrap Blocks plugin <= 1.3.6 versions.