3 matches found
CVE-2024-3818
The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's "Social Icons" block in all versions up to, and including, 4.5.9 due to insufficient input sanitization and output escaping on user supplie...
CVE-2024-3818
CVE-2024-3818 affects the Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates WordPress plugin. The issue is a DOM-based stored XSS in the Social Icons block, arising from insufficient input sanitization/output escaping on user-supplied attributes. Affected versions include all...
WordPress Essential Blocks for Gutenberg Plugin <= 4.5.9 is vulnerable to Cross Site Scripting (XSS)
Software Essential Blocks for Gutenberg Type Plugin Vulnerable versions = 4.5.9 Fixed in 4.5.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3818 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4d1106e336b0 Credits João Ped...