WordPress Genesis Blocks plugin < 3.1.4 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Genesis Blocks versions 3.1.4...

CVE-2024-2761

The Genesis Blocks WordPress plugin before 3.1.3 does not properly escape data input provided to some of its blocks, allowing using with at least contributor privileges to conduct Stored XSS attacks...

WordPress Genesis Blocks plugin <= 3.1.2 - Authenticated(Contributor+) Stored Cross-Site Scripting via Block Content vulnerability

AuthenticatedContributor+ Stored Cross-Site Scripting via Block Content vulnerability discovered by Ngô Thiên An ancorn in WordPress Plugin Genesis Blocks versions = 3.1.2...

WordPress Genesis Blocks Plugin <= 3.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Genesis Blocks Type Plugin Vulnerable versions = 3.1.2 Fixed in 3.1.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1946 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4a98ab741df8 Credits Ngô Thiên An ancorn...