3 matches found
CVE-2024-2729
The Otter Blocks WordPress plugin before 2.6.6 does not properly escape its mainHeadings blocks' attribute before appending it to the final rendered block, allowing contributors to conduct Stored XSS attacks...
CVE-2024-2729
The Otter Blocks WordPress plugin is vulnerable to a stored XSS in all versions prior to 2.6.6, caused by improper escaping of the mainHeadings block attribute when rendering the final block. This is CVE-2024-2729. A fix is available in version 2.6.6 and later; updating to 2.6.6+ is the advised r...
WordPress Otter - Gutenberg Block Plugin < 2.6.6 is vulnerable to Cross Site Scripting (XSS)
Software Otter - Gutenberg Block Type Plugin Vulnerable versions 2.6.6 Fixed in 2.6.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2729 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a1049e66d162 Credits Dmitrii Ignatyev...