Vulnerabilities > Pixelgrade

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-10	CVE-2024-8241	Cross-site Scripting vulnerability in Pixelgrade Nova Blocks The Nova Blocks by Pixelgrade plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' attribute of the 'wp:separator' Gutenberg block in all versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity pixelgrade CWE-79	5.4
2023-11-22	CVE-2023-27633	Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade Customify Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade Customify – Intuitive Website Styling plugin <= 2.10.4 versions. network low complexity pixelgrade CWE-352	8.8
2023-11-06	CVE-2023-23702	Unspecified vulnerability in Pixelgrade Comments Rating Auth. network low complexity pixelgrade	4.8
2023-10-16	CVE-2023-45654	Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade Comments Rating Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade Comments Ratings plugin <= 1.1.7 versions. network low complexity pixelgrade CWE-352	8.8
2023-10-16	CVE-2023-45655	Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade Pixfields 0.7.0 Cross-Site Request Forgery (CSRF) vulnerability in PixelGrade PixFields plugin <= 0.7.0 versions. network low complexity pixelgrade CWE-352	8.8
2023-09-04	CVE-2023-40205	Cross-site Scripting vulnerability in Pixelgrade Pixtypes Unauth. network low complexity pixelgrade CWE-79	6.1
2023-07-11	CVE-2023-23704	Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade Comments Rating Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade Comments Ratings plugin <= 1.1.6 versions. network low complexity pixelgrade CWE-352	8.8
2023-07-11	CVE-2023-25487	Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade Pixtypes Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade PixTypes plugin <= 1.4.14 versions. network low complexity pixelgrade CWE-352	8.8
2023-05-09	CVE-2022-46844	Unspecified vulnerability in Pixelgrade Pixfields 0.7.0 Auth. network low complexity pixelgrade	5.4
2023-01-30	CVE-2022-4671	Unspecified vulnerability in Pixelgrade Pixcodes The PixCodes WordPress plugin before 2.3.7 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. network low complexity pixelgrade	5.4

Vulnerabilities > Pixelgrade {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Pixelgrade"}]}

Vulnerabilities > Pixelgrade