ByteOS Network

landwire

Source -

CNA

BOS Name -

N/A

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2025-62135

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-6.5||MEDIUM

EPSS-0.01% / 2.08%

7 Day CHG-0.03%

Published-31 Dec, 2025 | 11:56

Updated-20 Jan, 2026 | 15:17

WordPress Responsive Block Control plugin <= 1.2.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in landwire Responsive Block Control allows DOM-Based XSS.This issue affects Responsive Block Control: from n/a through 1.2.9.

Vendor-landwire

Product-Responsive Block Control

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2025-2303

Assigner-Wordfence

View Details

Assigner-Wordfence

CVSS Score-8.8||HIGH

EPSS-1.29% / 79.41%

7 Day CHG~0.00%

Published-22 Mar, 2025 | 06:41

Updated-01 Apr, 2025 | 16:25

Block Logic <= 1.0.8 - Authenticated (Contributor+) Remote Code Execution

The Block Logic – Full Gutenberg Block Display Control plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.8 via the block_logic_check_logic function. This is due to the unsafe evaluation of user-controlled input. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server.

Vendor-landwire

Product-Block Logic – Full Gutenberg Block Display Control

CWE ID-CWE-94

Improper Control of Generation of Code ('Code Injection')