Lucene search
K

4 matches found

Patchstack
Patchstack
added 2024/05/20 12:0 a.m.16 views

WordPress Essential Blocks for Gutenberg Plugin <= 4.5.12 is vulnerable to Cross Site Scripting (XSS)

Software Essential Blocks for Gutenberg Type Plugin Vulnerable versions = 4.5.12 Fixed in 4.5.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4891 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d396af2a43d0 Credits João...

6.4CVSS5.8AI score0.00468EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/18 4:30 a.m.16 views

CVE-2024-4891 Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.12 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tagName’ parameter in versions up to, and including, 4.5.12 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.8AI score0.00468EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/18 4:30 a.m.32 views

CVE-2024-4891 Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.12 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tagName’ parameter in versions up to, and including, 4.5.12 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.9AI score0.00468EPSS
Exploits0References3
CVE
CVE
added 2024/05/18 4:30 a.m.68 views

CVE-2024-4891

CVE-2024-4891 affects the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates. Root cause is insufficient input sanitization and output escaping in the tagName parameter, enabling Stored XSS. Impact requires authenticated access (contributor+) to inject scripts...

6.4CVSS5.7AI score0.00468EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder