WordPress Genesis Blocks plugin < 3.1.3 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Genesis Blocks versions 3.1.3...

WordPress Genesis Blocks plugin < 3.1.4 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Genesis Blocks versions 3.1.4...

CVE-2024-2761

The Genesis Blocks WordPress plugin before 3.1.3 does not properly escape data input provided to some of its blocks, allowing using with at least contributor privileges to conduct Stored XSS attacks...

CVE-2024-1946

The Genesis Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the block content in all versions up to, and including, 3.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above,...

CVE-2024-3563

The Genesis Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Sharing block in all versions up to, and including, 3.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attacker...

CVE-2024-3901

The Genesis Blocks WordPress plugin through 3.1.3 does not properly escape attributes provided to some of its custom blocks, making it possible for users allowed to write posts like those with the contributor role to conduct Stored XSS attacks...

CVE-2024-3901

The Genesis Blocks WordPress plugin through 3.1.3 does not properly escape attributes provided to some of its custom blocks, making it possible for users allowed to write posts like those with the contributor role to conduct Stored XSS attacks...

CVE-2024-3901

The Genesis Blocks WordPress plugin through 3.1.3 does not properly escape attributes provided to some of its custom blocks, making it possible for users allowed to write posts like those with the contributor role to conduct Stored XSS attacks...

CVE-2024-3901 Genesis Blocks <= 3.1.3 - Contributor+ Stored XSS

The Genesis Blocks WordPress plugin through 3.1.3 does not properly escape attributes provided to some of its custom blocks, making it possible for users allowed to write posts like those with the contributor role to conduct Stored XSS attacks...

CVE-2024-3901 Genesis Blocks <= 3.1.3 - Contributor+ Stored XSS

The Genesis Blocks WordPress plugin through 3.1.3 does not properly escape attributes provided to some of its custom blocks, making it possible for users allowed to write posts like those with the contributor role to conduct Stored XSS attacks...

PT-2025-21471 · WordPress · Genesis Blocks

Name of the Vulnerable Software and Affected Versions: Genesis Blocks WordPress plugin versions 3.1.3 and earlier Description: The issue arises from the plugin's failure to properly escape attributes provided to some of its custom blocks. This oversight allows users with post-writing permissions,...

WordPress plugin Genesis Blocks 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-3563

The Genesis Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Sharing block in all versions up to, and including, 3.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attacker...

CVE-2024-3563

The Genesis Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Sharing block in all versions up to, and including, 3.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attacker...

CVE-2024-3563

The CVE-2024-3563 issue affects the Genesis Blocks WordPress plugin. It enables Stored XSS via the Sharing block in versions up to 3.1.3 due to insufficient input sanitization and output escaping on user-supplied attributes. An attacker with contributor-level access or higher could inject scripts...

WordPress Genesis Blocks plugin <= 3.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Sharing Block Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Sharing Block Attributes vulnerability discovered by Ngô Thiên An ancorn in WordPress Plugin Genesis Blocks versions = 3.1.3...

PT-2024-26575 · WordPress · Genesis Blocks

Name of the Vulnerable Software and Affected Versions: Genesis Blocks plugin for WordPress versions up to, and including, 3.1.3 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Sharing block due to insufficient input sanitization and output escaping on user-suppli...

WordPress plugin Genesis Blocks security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Genesis Blocks Plugin <= 3.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Genesis Blocks Type Plugin Vulnerable versions = 3.1.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3563 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ad6dbf9e823d Credits Ngô Thiên An ancorn Require...

CVE-2024-2761

The Genesis Blocks WordPress plugin before 3.1.3 does not properly escape data input provided to some of its blocks, allowing using with at least contributor privileges to conduct Stored XSS attacks...