3 matches found
CVE-2024-2039
The Stackable – Page Builder Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Postv2 block title tag in all versions up to, and including, 3.12.11 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...
CVE-2024-2039 Stackable – Page Builder Gutenberg Blocks <= 3.12.11 - Authenticated(Contributor+) Stored Cross-Site Scripting via Posts Block
The Stackable – Page Builder Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Postv2 block title tag in all versions up to, and including, 3.12.11 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...
WordPress Stackable Plugin <= 3.12.11 is vulnerable to Cross Site Scripting (XSS)
Software Stackable Type Plugin Vulnerable versions = 3.12.11 Fixed in 3.12.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2039 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b3e3ea1b1636 Credits Ngô Thiên An ancorn -...