3 matches found
CVE-2024-9601
creationtimestamp| type| source ---|---|--- 2025-02-14 06:46:59+00:00| seen| https://infosec.exchange/users/cve/statuses/114000895597469528 2025-02-14 07:16:07+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li4ntfcaem2x 2025-02-14 09:04:00+00:00| seen|...
CVE-2024-9601
CVE-2024-9601 (Qubely – Advanced Gutenberg Blocks, WordPress) is an authenticated Stored Cross-Site Scripting vulnerability in which the attacker, with Contributor-level access or higher, can inject arbitrary scripts via the align and UniqueID parameters. The issue affects all versions up to 1.8....
CVE-2024-9601 Qubely – Advanced Gutenberg Blocks <= 1.8.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'align' and 'UniqueID'
The Qubely – Advanced Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ and 'UniqueID' parameter in all versions up to, and including, 1.8.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...