4 matches found
CVE-2024-7132
The Page Builder Gutenberg Blocks WordPress plugin before 3.1.13 does not escape the content of post embed via one of its block, which could allow users with the capability to publish posts editor and admin by default to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml...
CVE-2024-7132
creationtimestamp| type| source ---|---|--- 2024-08-29 13:42:36+00:00| seen| https://t.me/cvedetector/4377...
CVE-2024-7132 CoBlocks < 3.1.13 - Editor+ Stored XSS
The Page Builder Gutenberg Blocks WordPress plugin before 3.1.13 does not escape the content of post embed via one of its block, which could allow users with the capability to publish posts editor and admin by default to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml...
WordPress CoBlocks Plugin < 3.1.13 is vulnerable to Cross Site Scripting (XSS)
Software CoBlocks Type Plugin Vulnerable versions 3.1.13 Fixed in 3.1.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7132 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2ec557475360 Credits Dmitrii Ignatyev Required...