{"id":5016,"date":"2025-05-19T01:37:34","date_gmt":"2025-05-19T01:37:34","guid":{"rendered":"http:\/\/localhost\/?p=5016"},"modified":"2025-05-19T01:37:34","modified_gmt":"2025-05-19T01:37:34","slug":"cve-2025-1627","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=5016","title":{"rendered":"CVE-2025-1627"},"content":{"rendered":"

CVE Details<\/h2>\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nCVE-2025-1627<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-05-19T06:15:18<\/td>\n<\/tr>\n
Last Seen<\/th>\n2025-05-19T06:22:27<\/td>\n<\/tr>\n<\/table>\n

CVSS Information<\/h3>\n\n\n\n\n\n\n\n\n\n\n
Base Score<\/th>\n0.0 ()<\/td>\n<\/tr>\n
Attack Vector<\/th>\n<\/td>\n<\/tr>\n
Attack Complexity<\/th>\n<\/td>\n<\/tr>\n
Privileges Required<\/th>\n<\/td>\n<\/tr>\n
User Interaction<\/th>\n<\/td>\n<\/tr>\n
Scope<\/th>\n<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table>\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nThe Qi Blocks WordPress plugin before version 1.4 is vulnerable to a stored cross-site scripting (XSS) attack. This vulnerability allows users with the contributor role or higher to inject malicious scripts into pages or posts that use the plugin’s blocks. The issue arises because the plugin does not properly validate and escape some of its block options before outputting them back in the content. This could lead to unauthorized actions or data theft if an attacker tricks an administrator into viewing a malicious post.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
Vendor<\/th>\nWordPress Community<\/td>\n<\/tr>\n
Product<\/th>\nQi Blocks<\/td>\n<\/tr>\n
Affected Version<\/th>\n<1.4<\/td>\n<\/tr>\n<\/table>\n

Additional Information<\/h3>\n\n\n\n\n
CVE List<\/th>\nCVE-2025-1627<\/td>\n<\/tr>\n
CWE List<\/th>\n<\/td>\n<\/tr>\n
Bulletin Family<\/th>\ncve<\/td>\n<\/tr>\n<\/table>\n

Description<\/h3>\n
\nThe Qi Blocks WordPress plugin before 1.4 does not validate and escape some of its block options before outputting them back in a page\/post where the block is embed, which could allow users with the contributor…\n<\/div>\n

CVSS Score Summary<\/h3>\n
\n

Base Score:<\/strong> %!f(string=#) ()<\/span><\/p>\n<\/div>\n

View Full CVE Details<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

CVE Details Basic Information Title CVE-2025-1627 Type cve Published 2025-05-19T06:15:18 Last Seen 2025-05-19T06:22:27 CVSS Information Base Score 0.0 () Attack Vector Attack Complexity Privileges Required…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,34,12,13,33,7,11,5],"class_list":["post-5016","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-00","tag-exploit","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\nCVE-2025-1627 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=5016\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CVE-2025-1627 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"CVE Details Basic Information Title CVE-2025-1627 Type cve Published 2025-05-19T06:15:18 Last Seen 2025-05-19T06:22:27 CVSS Information Base Score 0.0 () Attack Vector Attack Complexity Privileges Required...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=5016\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-19T01:37:34+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5016#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5016\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"CVE-2025-1627\",\"datePublished\":\"2025-05-19T01:37:34+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5016\"},\"wordCount\":138,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-0.0\",\"exploit\",\"news\",\"NONE\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_cve\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=5016#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5016\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5016\",\"name\":\"CVE-2025-1627 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-05-19T01:37:34+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5016#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=5016\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5016#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CVE-2025-1627\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CVE-2025-1627 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=5016","og_locale":"en_US","og_type":"article","og_title":"CVE-2025-1627 - zero redgem","og_description":"CVE Details Basic Information Title CVE-2025-1627 Type cve Published 2025-05-19T06:15:18 Last Seen 2025-05-19T06:22:27 CVSS Information Base Score 0.0 () Attack Vector Attack Complexity Privileges Required...","og_url":"https:\/\/zero.redgem.net\/?p=5016","og_site_name":"zero redgem","article_published_time":"2025-05-19T01:37:34+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=5016#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=5016"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"CVE-2025-1627","datePublished":"2025-05-19T01:37:34+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=5016"},"wordCount":138,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-0.0","exploit","news","NONE","Security","tapic","Vulnerability"],"articleSection":["category_cve"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=5016#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=5016","url":"https:\/\/zero.redgem.net\/?p=5016","name":"CVE-2025-1627 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-05-19T01:37:34+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=5016#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=5016"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=5016#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"CVE-2025-1627"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/5016","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5016"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/5016\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5016"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5016"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5016"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}