2 matches found
CVE-2024-6346 Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks <= 2.2.85 - Authenticated (Contributor+) Stored Cross-Site Scripting via redirectURL Parameter of Date Countdown Widget
The Gutenberg Blocks, Page Builder – ComboBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the redirectURL parameter of the Date Countdown widget, in all versions up to, and including, 2.2.85 due to insufficient input sanitization and output escaping on user supplied...
WordPress Post Grid and Gutenberg Blocks Plugin <= 2.2.85a is vulnerable to Cross Site Scripting (XSS)
Software Post Grid and Gutenberg Blocks Type Plugin Vulnerable versions = 2.2.85a Fixed in 2.2.86 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6346 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0a3eb3d1bba0 Credits...