4 matches found
CVE-2024-6884
The Gutenberg Blocks with AI by Kadence WP WordPress plugin before 3.2.39 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...
CVE-2024-6884 Gutenberg Blocks with AI by Kadence WP < 3.2.39 - Contributor+ Stored XSS
The Gutenberg Blocks with AI by Kadence WP WordPress plugin before 3.2.39 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...
CVE-2024-6884 Gutenberg Blocks with AI by Kadence WP < 3.2.39 - Contributor+ Stored XSS
The Gutenberg Blocks with AI by Kadence WP WordPress plugin before 3.2.39 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...
WordPress Gutenberg Blocks by Kadence Blocks Plugin < 3.2.39 is vulnerable to Cross Site Scripting (XSS)
Software Gutenberg Blocks by Kadence Blocks Type Plugin Vulnerable versions 3.2.39 Fixed in 3.2.39 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6884 Patch priority Low CVSS severity Low 6.5 Developer KadenceWP PSID b202b4bfd879 Credits Dmitrii...