📦 Post Grid

This vulnerability allows authenticated WordPress users with Contributor-level access or higher to include and execute arbitrary PHP files on the server via the 'theme' attribute in the pgcu shortcode...

The Post Grid and Gutenberg Blocks WordPress plugin has a privilege escalation vulnerability that allows authenticated users with subscriber-level access or higher to modify their user metadata and ga...

This stored XSS vulnerability in the Team Showcase WordPress plugin allows remote authenticated attackers to inject malicious JavaScript via AJAX requests. Attackers can import layouts containing harm...

This CVE describes a PHP object injection vulnerability in the Team Showcase WordPress plugin. Remote authenticated attackers can execute arbitrary code by sending specially crafted serialized objects...

This vulnerability allows authenticated WordPress users with contributor-level access or higher to inject malicious scripts into website pages via the 'tag' attribute in blocks. The scripts are stored...