3 matches found
CVE-2024-3692 Gutenverse < 1.9.1 - Contributor+ Stored XSS
The Gutenverse WordPress plugin before 1.9.1 does not validate the htmlTag option in various of its block before outputting it back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2024-3692 Gutenverse < 1.9.1 - Contributor+ Stored XSS
The Gutenverse WordPress plugin before 1.9.1 does not validate the htmlTag option in various of its block before outputting it back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
WordPress Gutenverse Plugin < 1.9.1 is vulnerable to Cross Site Scripting (XSS)
Software Gutenverse Type Plugin Vulnerable versions 1.9.1 Fixed in 1.9.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3692 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0ff3d9170b25 Credits Dmtirii Ignatyev Required...