3 matches found
CVE-2024-3155
The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 2.2.80 due to insufficient input sanitization and output escaping...
CVE-2024-3155
The CVE CVE-2024-3155 affects Gutenberg Blocks, Page Builder – Combo Blocks (WordPress plugins) up to version 2.2.80, caused by insufficient input sanitization and output escaping. This enables stored Cross-Site Scripting (XSS): authenticated attackers with Contributor+ privileges can inject scri...
WordPress Post Grid and Gutenberg Blocks Plugin <= 2.2.80 is vulnerable to Cross Site Scripting (XSS)
Software Post Grid and Gutenberg Blocks Type Plugin Vulnerable versions = 2.2.80 Fixed in 2.2.81 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3155 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f50a2abddf76 Credits João...