CVE-2024-1948
CVE-2024-1948 affects Getwid – Gutenberg Blocks (WordPress) up to version 2.0.5. Root cause: insufficient input sanitization and output escaping in block content, enabling stored XSS. Exploitation requires Contributor+ privileges and user interaction on injected pages. Fix: upgrade to version 2.0...