3 matches found
CVE-2024-1854
The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blockId parameter in all versions up to, and including, 4.5.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-1854
CVE-2024-1854 (WordPress plugin: Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates) The vulnerability is a Stored XSS in the blockId parameter across all versions up to and including 4.5.1 of the Essential Blocks plugin for WordPress. The root cause is insufficient input sani...
WordPress Essential Blocks for Gutenberg Plugin <= 4.5.1 is vulnerable to Cross Site Scripting (XSS)
Software Essential Blocks for Gutenberg Type Plugin Vulnerable versions = 4.5.1 Fixed in 4.5.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1854 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5f950450ff21 Credits WordFence...