5 matches found
CVE-2021-24760
The Gutenberg PDF Viewer Block WordPress plugin before 1.0.1 does not sanitise and escape its block, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks...
CVE-2021-24760 Gutenberg PDF Viewer Block < 1.0.1 - Contributor+ Stored Cross-Site Scripting
The Gutenberg PDF Viewer Block WordPress plugin before 1.0.1 does not sanitise and escape its block, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks...
WordPress 插件 跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL server set up a personal blog site.WordPress plugin is a WordPress open source application plugin. The WordPress plugin Gutenberg PDF Viewer Block suffers from a...
WordPress Gutenberg PDF Viewer Block plugin <= 1.0 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by apple502j in WordPress Gutenberg PDF Viewer Block plugin versions = 1.0. Solution Update the WordPress Gutenberg PDF Viewer Block plugin to the latest available version at least 1.0.1...
Gutenberg PDF Viewer Block < 1.0.1 - Contributor+ Stored Cross-Site Scripting
The plugin does not sanitise and escape its block, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks. PoC...