4 matches found
CVE-2024-11420
The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scripting via the Contact Info Block link parameter in all versions up to, and including, 2.0.77 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-leve...
CVE-2024-11420
The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scripting via the Contact Info Block link parameter in all versions up to, and including, 2.0.77 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-leve...
CVE-2024-11420
CVE-2024-11420 (Blocksy) : The WordPress Blocksy theme is vulnerable to Stored Cross-Site Scripting via the Contact Info Block's link parameter in all versions up to 2.0.77. An attacker with Contributor-level access or higher can inject scripts that execute when users view the page containing the...
PT-2024-16979 · WordPress · Blocksy
Name of the Vulnerable Software and Affected Versions: Blocksy theme for WordPress versions up to and including 2.0.77 Description: The issue is related to Stored Cross-Site Scripting via the link parameter of the Contact Info Block. This is due to insufficient input sanitization and output...