2 matches found
CVE-2024-5289 Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.2.42 - Authenticated (Contributor+) Stored Cross-Site Scripting in Google Maps Widget
The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Maps widget parameters in all versions up to, and including, 3.2.42 due to insufficient input sanitization and output escaping. This makes it possibl...
WordPress Gutenberg Blocks by Kadence Blocks Plugin <= 3.2.42 is vulnerable to Cross Site Scripting (XSS)
Software Gutenberg Blocks by Kadence Blocks Type Plugin Vulnerable versions = 3.2.42 Fixed in 3.2.43 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5289 Patch priority Low CVSS severity Low 6.5 Developer KadenceWP PSID ec00fb4a383b Credits wesley...