The Post Grid Security Vulnerabilities - January

CVE-2023-39923

Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme The Post Grid plugin <= 7.2.7 versions.

CVE-2024-1427

The The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the section title tag attribute in all versions up to, and including, 7.7.1 due to insufficient input sanitization and output escaping on user supp...