CVE-2024-9616
The CVE-2024-9616 entry concerns BlockMeister – Block Pattern Builder for WordPress. A Reflected Cross-Site Scripting flaw exists in all versions up to 3.1.10 due to use of add_query_arg without proper escaping, enabling unauthenticated attackers to inject scripts into pages that run when a user ...