Lucene search
K

4 matches found

NVD
NVD
added 2025/05/15 8:16 p.m.8 views

CVE-2024-9645

The Post Grid, Posts Slider, Posts Carousel, Post Filter, Post Masonry WordPress plugin before 2.2.93 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform...

5.4CVSS0.00254EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/15 8:7 p.m.15 views

CVE-2024-9645 Post Grid and Gutenberg Blocks < 2.2.93 - Contributor+ Stored XSS

The Post Grid, Posts Slider, Posts Carousel, Post Filter, Post Masonry WordPress plugin before 2.2.93 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform...

0.00254EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.7 views

CVE-2024-9645 Post Grid and Gutenberg Blocks < 2.2.93 - Contributor+ Stored XSS

The Post Grid, Posts Slider, Posts Carousel, Post Filter, Post Masonry WordPress plugin before 2.2.93 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform...

6AI score0.00254EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:7 p.m.31 views

CVE-2024-9645

CVE-2024-9645 : The WordPress plugin Post Grid and Gutenberg Blocks (ComboBlocks) versions prior to 2.2.93 fail to validate/escape certain block options before rendering in pages/posts, enabling stored XSS by users with contributor+ privileges. Documented impact states that an attacker with low p...

5.4CVSS5.9AI score0.00254EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder