Lucene search
K

4 matches found

OSV
OSV
added 2024/08/08 6:15 a.m.4 views

CVE-2024-6884

The Gutenberg Blocks with AI by Kadence WP WordPress plugin before 3.2.39 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

5.4CVSS5.8AI score0.00369EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/08/08 6:0 a.m.31 views

CVE-2024-6884 Gutenberg Blocks with AI by Kadence WP < 3.2.39 - Contributor+ Stored XSS

The Gutenberg Blocks with AI by Kadence WP WordPress plugin before 3.2.39 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

0.00369EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/08/08 6:0 a.m.16 views

CVE-2024-6884 Gutenberg Blocks with AI by Kadence WP < 3.2.39 - Contributor+ Stored XSS

The Gutenberg Blocks with AI by Kadence WP WordPress plugin before 3.2.39 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

5.9AI score0.00369EPSS
Exploits1References1
Patchstack
Patchstack
added 2024/08/08 12:0 a.m.13 views

WordPress Gutenberg Blocks by Kadence Blocks Plugin < 3.2.39 is vulnerable to Cross Site Scripting (XSS)

Software Gutenberg Blocks by Kadence Blocks Type Plugin Vulnerable versions 3.2.39 Fixed in 3.2.39 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6884 Patch priority Low CVSS severity Low 6.5 Developer KadenceWP PSID b202b4bfd879 Credits Dmitrii...

5.4CVSS5.8AI score0.00369EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder