4 matches found
CVE-2024-10872
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the template-post-custom-field block in all versions up to, and including, 2.0.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...
CVE-2024-10872
creationtimestamp| type| source ---|---|--- 2024-11-20 11:06:56+00:00| seen| https://infosec.exchange/users/cve/statuses/113514959061509312 2024-11-20 12:54:10+00:00| seen| https://t.me/cvedetector/11583...
CVE-2024-10872 Getwid – Gutenberg Blocks <= 2.0.12 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the template-post-custom-field block in all versions up to, and including, 2.0.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...
WordPress Getwid – Gutenberg Blocks Plugin <= 2.0.12 is vulnerable to Cross Site Scripting (XSS)
Software Getwid – Gutenberg Blocks Type Plugin Vulnerable versions = 2.0.12 Fixed in 2.0.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10872 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f2813c069cfe Credits stealthcopt...