📦 Spectra

This Server-Side Request Forgery (SSRF) vulnerability in the Spectra WordPress plugin allows attackers to make unauthorized requests from the vulnerable server to internal or external systems. It affe...

This vulnerability allows attackers to bypass authorization controls in the Spectra WordPress plugin, potentially enabling unauthorized actions. It affects all WordPress sites using Spectra versions u...

This CVE describes a Missing Authorization vulnerability in the Brainstorm Force Spectra WordPress plugin, allowing attackers to exploit incorrectly configured access control security levels. It affec...

This stored XSS vulnerability in the Spectra WordPress plugin allows attackers to inject malicious scripts into web pages that are then executed when other users view those pages. It affects all WordP...

This CVE describes a Missing Authorization vulnerability in the Spectra WordPress plugin (formerly Ultimate Addons for Gutenberg) that allows unauthorized users to perform actions they shouldn't have ...

This vulnerability allows attackers to inject malicious HTML/JavaScript code into Spectra WordPress plugin pages through unauthenticated email input. It affects all WordPress sites using Spectra (form...

The Spectra WordPress plugin has a stored XSS vulnerability in versions up to 2.13.0 that allows authenticated attackers with author-level permissions to inject malicious scripts into pages. These scr...

The Spectra WordPress Gutenberg Blocks plugin has a stored XSS vulnerability in its Testimonial block. Authenticated attackers with contributor-level access or higher can inject malicious scripts that...

The Spectra WordPress plugin (formerly Ultimate Addons for Gutenberg) has a path traversal vulnerability that allows authenticated users with contributor-level permissions or higher to read any attrib...