Sploit.io - Search

Product: B Blocks - The ultimate block collection, version: >= n/a, <= 2.0.0

CVE-2025-32173

Severity: MEDIUM

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins B Blocks - The ultimate block collection allows Stored XSS. This issue affects B Blocks - The ultimate block collection: from n/a through 2.0.0.

CVSS Score: 6.5

Affected Products:

bPlugins B Blocks - The ultimate block collection - Versions: n/a

References:

https://patchstack.com/database/wordpress/plugin/b-blocks/vulnerability/wordpress-b-blocks-the-ultimate-block-collection-plugin-2-0-0-stored-cross-site-scripting-xss-vulnerability?_s_id=cve