Lucene search
+L

4 matches found

osv
osv
added 2024/08/08 6:15 a.m.6 views

CVE-2024-6884

The Gutenberg Blocks with AI by Kadence WP WordPress plugin before 3.2.39 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

5.4CVSS5.8AI score0.00369EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2024/08/08 6:0 a.m.16 views

CVE-2024-6884 Gutenberg Blocks with AI by Kadence WP < 3.2.39 - Contributor+ Stored XSS

The Gutenberg Blocks with AI by Kadence WP WordPress plugin before 3.2.39 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

5.9AI score0.00369EPSS
Exploits1References1
cvelist
cvelist
added 2024/08/08 6:0 a.m.35 views

CVE-2024-6884 Gutenberg Blocks with AI by Kadence WP < 3.2.39 - Contributor+ Stored XSS

The Gutenberg Blocks with AI by Kadence WP WordPress plugin before 3.2.39 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

0.00369EPSS
Exploits1References1
patchstack
patchstack
added 2024/08/08 12:0 a.m.14 views

WordPress Gutenberg Blocks by Kadence Blocks Plugin < 3.2.39 is vulnerable to Cross Site Scripting (XSS)

Software Gutenberg Blocks by Kadence Blocks Type Plugin Vulnerable versions 3.2.39 Fixed in 3.2.39 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6884 Patch priority Low CVSS severity Low 6.5 Developer KadenceWP PSID b202b4bfd879 Credits Dmitrii...

5.4CVSS5.8AI score0.00369EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder