ZIP_AI_CREDIT_TOPUP_URL is not strictly validated or sanitized, an attacker could craft a malicious URL and inject arbitrary parameters, leading to phishing, open redirects, or unauthorized actions on external services
This vulnerability affects the following application versions:
- Spectra – WordPress Gutenberg Blocks 2.10.2
- Spectra – WordPress Gutenberg Blocks 2.10.3
- Spectra – WordPress Gutenberg Blocks 2.10.4
- Spectra – WordPress Gutenberg Blocks 2.10.5
- Spectra – WordPress Gutenberg Blocks 2.11.0
- Spectra – WordPress Gutenberg Blocks 2.11.1
- Spectra – WordPress Gutenberg Blocks 2.11.2
- Spectra – WordPress Gutenberg Blocks 2.11.3
- Spectra – WordPress Gutenberg Blocks 2.11.4
- Spectra – WordPress Gutenberg Blocks 2.12.0
- Spectra – WordPress Gutenberg Blocks 2.12.1
- Spectra – WordPress Gutenberg Blocks 2.12.2
- Spectra – WordPress Gutenberg Blocks 2.12.3
- Spectra – WordPress Gutenberg Blocks 2.12.4
- Spectra – WordPress Gutenberg Blocks 2.12.5
- Spectra – WordPress Gutenberg Blocks 2.12.6
- Spectra – WordPress Gutenberg Blocks 2.12.7
- Spectra – WordPress Gutenberg Blocks 2.12.8
- Spectra – WordPress Gutenberg Blocks 2.12.9
- Spectra – WordPress Gutenberg Blocks 2.13.0
- Spectra – WordPress Gutenberg Blocks 2.13.1
- Spectra – WordPress Gutenberg Blocks 2.13.2
- Spectra – WordPress Gutenberg Blocks 2.13.3
- Spectra – WordPress Gutenberg Blocks 2.13.4
- Spectra – WordPress Gutenberg Blocks 2.13.5
- Spectra – WordPress Gutenberg Blocks 2.13.6
- Spectra – WordPress Gutenberg Blocks 2.13.7
- Spectra – WordPress Gutenberg Blocks 2.13.8
- Spectra – WordPress Gutenberg Blocks 2.13.9
- Spectra – WordPress Gutenberg Blocks 2.14.0
- Spectra – WordPress Gutenberg Blocks 2.14.1
- Spectra – WordPress Gutenberg Blocks 2.15.0
- Spectra – WordPress Gutenberg Blocks 2.15.1
- Spectra – WordPress Gutenberg Blocks 2.15.2
- Spectra – WordPress Gutenberg Blocks 2.15.3
- Spectra – WordPress Gutenberg Blocks 2.16.0
- Spectra – WordPress Gutenberg Blocks 2.16.1