CVE-2024-2255
The CVE concerns the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates. It describes a Stored XSS flaw in the plugin’s widgets due to insufficient input sanitization and output escaping on user-supplied attributes (e.g., listStyle) in versions up to 4.5.2. Ex...