CVE-2025-48234

Name of the Vulnerable Software and Affected Versions: Ultimate Blocks versions n/a through 3.3.0

Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for DOM-Based XSS attacks.

Recommendations: For Ultimate Blocks versions n/a through 3.3.0, update to a version later than 3.3.0 to resolve the issue. As a temporary workaround, consider restricting user input to prevent malicious scripts from being injected into the webpage. Avoid using the vulnerable Ultimate Blocks version in production environments until a patch is applied.