Lucene search
+L

4 matches found

Vulnrichment
Vulnrichment
added 2024/08/29 6:0 a.m.16 views

CVE-2024-5417 Gutentor < 3.3.6 - Contributor+ Stored XSS

The Gutentor WordPress plugin before 3.3.6 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.6AI score0.00294EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/08/29 6:0 a.m.35 views

CVE-2024-5417 Gutentor < 3.3.6 - Contributor+ Stored XSS

The Gutentor WordPress plugin before 3.3.6 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

0.00294EPSS
Exploits1References1
CVE
CVE
added 2024/08/29 6:0 a.m.48 views

CVE-2024-5417

The CVE-2024-5417 entry concerns the Gutentor WordPress plugin prior to version 3.3.6. Root cause: the plugin does not validate or escape certain block options before outputting them in embedded blocks, enabling Stored XSS. Affected software: Gutentor WordPress plugin versions

5.4CVSS5.3AI score0.00294EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/08/29 12:0 a.m.17 views

WordPress Gutentor Plugin <= 3.3.5 is vulnerable to Cross Site Scripting (XSS)

Software Gutentor Type Plugin Vulnerable versions = 3.3.5 Fixed in 3.3.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5417 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7af65b4190da Credits Dmitrii Ignatyev Required...

5.4CVSS5.8AI score0.00294EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder