Newspack Blocks

CVEs (3)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2024-37424	WordPress Newspack Blocks	Cri	0.64	9.9	0.01	Jul 9, 2024	Unrestricted Upload of File with Dangerous Type vulnerability in Automattic Newspack Blocks allows Upload a Web Shell to a Web Server.This issue affects Newspack Blocks: from n/a through 3.0.8.
CVE-2024-37423	WordPress Newspack Blocks	Hig	0.55	8.5	0.00	Nov 1, 2024	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Automattic Newspack Blocks allows Path Traversal.This issue affects Newspack Blocks: from n/a through 3.0.8.
CVE-2024-37425	WordPress Newspack Blocks	Med	0.35	5.4	0.00	Nov 1, 2024	Missing Authorization vulnerability in Automattic Newspack Blocks newspack-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack Blocks: from n/a through 3.0.8.

CVE-2024-37424CriJul 9, 2024
WordPress
Newspack Blocks
risk 0.64cvss 9.9epss 0.01
Unrestricted Upload of File with Dangerous Type vulnerability in Automattic Newspack Blocks allows Upload a Web Shell to a Web Server.This issue affects Newspack Blocks: from n/a through 3.0.8.
CVE-2024-37423HigNov 1, 2024
WordPress
Newspack Blocks
risk 0.55cvss 8.5epss 0.00
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Automattic Newspack Blocks allows Path Traversal.This issue affects Newspack Blocks: from n/a through 3.0.8.
CVE-2024-37425MedNov 1, 2024
WordPress
Newspack Blocks
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in Automattic Newspack Blocks newspack-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack Blocks: from n/a through 3.0.8.