Recipe Card Blocks For Gutenberg & Elementor
Approved changes feed: RSS · Atom
cpe:2.3:a:wpzoom:recipe_card_blocks_for_gutenberg_\&_elementor:*:*:*:*:*:wordpress:*:*
part: a version: * update: *
| Vendor | Wpzoom (41ecada1-7571-5859-ba6a-0d847e9d0d4f) |
|---|---|
| Product | Recipe Card Blocks For Gutenberg & Elementor (e4dd3968-cf6a-51a0-9729-b82dad55ae1f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-43293 |
vulnerable | 2026-06-03 14:56:44.908121 |
WordPress Recipe Card Blocks for Gutenberg & Elementor plugin <= 3.3.1 - Broken Access Control vulnerability
MEDIUM (4.3)
Missing Authorization vulnerability in WPZOOM Recipe Card Blocks for Gutenberg & Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Recipe Card Blocks for Gutenberg & Elementor: from n/a through 3.3.1.
Published: 2024-11-01T14:17:30.068Z
Updated: 2026-04-28T16:10:12.260Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-24634 |
vulnerable | 2026-06-03 14:44:02.997545 |
Recipe Card Blocks < 2.8.3 - Contributor+ Stored Cross-Site Scripting
The Recipe Card Blocks by WPZOOM WordPress plugin before 2.8.3 does not properly sanitise or escape some of the properties of the Recipe Card Block (such as ingredientsLayout, iconSet, steps, ingredients, recipeTitle, or settings), which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks.
Published: 2021-09-27T15:25:27.000Z
Updated: 2024-08-03T19:35:20.313Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-24632 |
vulnerable | 2026-06-03 14:44:02.992995 |
Recipe Card Blocks < 2.8.1 - Reflected Cross-Site Scripting
The Recipe Card Blocks by WPZOOM WordPress plugin before 2.8.1 does not escape the message parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting issue
Published: 2021-09-27T15:25:24.000Z
Updated: 2024-08-03T19:35:20.226Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.