Every CVE whose affected-product data names Vektor-inc Vk Blocks, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2023-5706 — CVSS 6.4 (medium): The VK Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'vk-blocks/ancestor-page-list' block in…
CVE-2023-27923 — CVSS 5.4 (medium): Cross-site scripting vulnerability in Tag edit function of VK Blocks 1.53.0.1 and earlier and VK Blocks Pro 1.53.0.1 and earlier allows a…
CVE-2023-27925 — CVSS 5.4 (medium): Cross-site scripting vulnerability in Post function of VK Blocks 1.53.0.1 and earlier and VK Blocks Pro 1.53.0.1 and earlier allows a…
CVE-2023-0583 — CVSS 4.3 (medium): The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'update_vk_blocks_options' function in versions up…
CVE-2023-0584 — CVSS 4.3 (medium): The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'update_options' function in versions up to, and…