CVE-2024-51893

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FixoLab Postify: Post Layout For Elementor postify-for-elementor allows DOM-Based XSS.This issue affects Postify: Post Layout For Elementor: from n/a through = 1.0.1...

WordPress plugin Postify: Post Layout For Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2024-35024 · Elementor · Postify: Post Layout For Elementor

Name of the Vulnerable Software and Affected Versions: Postify: Post Layout For Elementor versions 1.0.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This means an attacker could potentially inject...

WordPress Postify: Post Layout For Elementor plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin Postify: Post Layout For Elementor versions = 1.0.1...

WordPress Guten Post Layout plugin <= 1.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via align Attribute vulnerability discovered by Francesco Carlucci in WordPress Plugin Guten Post Layout versions = 1.2.4...

CVE-2024-8288

CVE-2024-8288 – Guten Post Layout (WordPress) : Stored Cross-Site Scripting via the align attribute in the Gutenberg block wp:guten-post-layout/post-grid, affecting all versions up to 1.2.4. The root cause is insufficient input sanitization and output escaping, enabling an authenticated attacker ...

CVE-2024-8288 Guten Post Layout – An Advanced Post Grid Collection for WordPress Gutenberg <= 1.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Attribute

The Guten Post Layout – An Advanced Post Grid Collection for WordPress Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ attribute within the 'wp:guten-post-layout/post-grid' Gutenberg block in all versions up to, and including, 1.2.4 due to insufficient...

WordPress plugin Guten Post Layout 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site scripting...

WordPress Guten Post Layout Plugin <= 1.2.4 is vulnerable to Cross Site Scripting (XSS)

Software Guten Post Layout Type Plugin Vulnerable versions = 1.2.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8288 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0bbd252985fb Credits Francesco Carlucci...

PT-2024-38916 · WordPress · The Guten Post Layout

Name of the Vulnerable Software and Affected Versions: The Guten Post Layout – An Advanced Post Grid Collection for WordPress versions up to, and including, 1.2.4 Description: The issue is related to Stored Cross-Site Scripting via the align attribute within the 'wp:guten-post-layout/post-grid'...

CVE-2024-6164

The Filter & Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the postlayout parameter. This makes it possible for an unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files...

PT-2024-37424 · WordPress · Filter & Grids

Name of the Vulnerable Software and Affected Versions: The Filter & Grids WordPress plugin versions prior to 2.8.33 Description: The issue allows an unauthenticated attacker to include and execute PHP files on the server via the post layout parameter, enabling the execution of any PHP code in tho...