Comboblocks@* Security Vulnerabilities and Issues — Comboblocks@* CVE List

PickpluginsComboblocks*

3 matches found

CVE•added 2024/06/07 5:33 a.m.•53 views

CVE-2024-4042

CVE-2024-4042 affects the WordPress plugins Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks. It is a Stored Cross-Site Scripting via the menu-wrap-item block attribute, caused by insufficient input sanitization/output escaping, in all versions up ...

6.4CVSS5.6AI score0.00263EPSS

CVE•added 2025/02/22 4:21 a.m.•49 views

CVE-2024-13798

CVE-2024-13798: Post Grid and Gutenberg Blocks – ComboBlocks for WordPress allows unauthenticated users to create orders and mark them paid due to insufficient form verification. Affected versions: all up to 2.3.5. Patch available: update to 2.3.5 (or newer) to remediate.

5.3CVSS5.2AI score0.00309EPSS

CVE•added 2024/08/01 9:29 a.m.•49 views

CVE-2024-6346

The CVE-2024-6346 entry concerns the WordPress plugins Post Grid, Gutenberg Blocks, and Combo Blocks (up to 2.2.85a). The vulnerability is a Stored Cross-Site Scripting (XSS) via the redirectURL parameter of the Date Countdown widget, caused by insufficient input sanitization and output escaping ...

6.4CVSS6.1AI score0.00306EPSS