3 matches found
CVE-2023-7072
CVE-2023-7072 affects the Post Grid Combo – 36+ Gutenberg Blocks WordPress plugin. All versions up to 2.2.68 expose sensitive data via the get_posts REST API endpoint, allowing unauthenticated access to full draft posts, password-protected posts, and passwords. The issue is an Information Exposur...
CVE-2023-6645
The Post Grid Combo – 36+ Gutenberg Blocks WordPress plugin is vulnerable to Stored Cross-Site Scripting via the custom JS parameter in versions up to 2.2.64 due to insufficient input sanitization and output escaping. Authenticated attackers with contributor access or higher can inject scripts th...
CVE-2023-40211
CVE-2023-40211 affects PickPlugins Post Grid Combo – 36+ Gutenberg Blocks (WordPress Post Grid) with versions up to 2.2.50. The vulnerability is an information exposure allowing unauthenticated access, as detailed in Patchstack and Nuclei templates (POST/REST paths likely expose sensitive data to...