Eaglevisionit

eaglevisionit

3 CVEs • 2 products

Products (2)

Click to collapse

Toggle

Evision Responsive Column Layout Shortcodes

evision_responsive_column_layout_shortcodes

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-0506 1Eaglevisionit 1Rise Blocks Jun 17, 2026 Feb 12, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Rise Blocks – A Complete Gutenberg Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the titleTag parameter in all versions up to, and including, 3.6 due to insufficient input sanitiz...Show more The Rise Blocks – A Complete Gutenberg Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the titleTag parameter in all versions up to, and including, 3.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.Show less
CVE-2023-51378 1Eaglevisionit 1Rise Blocks Jun 17, 2026 Dec 29, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Rise Themes Rise Blocks – A Complete Gutenberg Page Builder.This issue affects Rise Blocks – A Complete Gutenberg Page Builder: from n/a through 3.1.
CVE-2023-0064 1Eaglevisionit 1Evision Responsive Column Layout Shortcodes Jun 17, 2026 Mar 6, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The eVision Responsive Column Layout Shortcodes WordPress plugin through 2.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which co...Show more The eVision Responsive Column Layout Shortcodes WordPress plugin through 2.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.Show less