3 matches found
CVE-2024-1791
The CodeMirror Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Code Mirror block in all versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level acce...
CVE-2024-1791
CVE-2024-1791 concerns the CodeMirror Blocks plugin for WordPress. According to Red Hat and Wordfence sources, versions up to and including 1.2.4 are affected due to insufficient input sanitization and output escaping in the Code Mirror block, enabling a stored cross-site scripting (XSS) conditio...
WordPress CodeMirror Blocks Plugin <= 1.2.4 is vulnerable to Cross Site Scripting (XSS)
Software CodeMirror Blocks Type Plugin Vulnerable versions = 1.2.4 Fixed in 2.0.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1791 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8f146af67463 Credits RandomRoot Required...