3 matches found
CVE-2024-2761
The Genesis Blocks plugin for WordPress (versions prior to 3.1.3) contains a Stored XSS flaw caused by improper escaping in certain blocks, exploitable with at least contributor privileges. The issue can be triggered via crafted post content and may affect blocks rendering in frontend/backend. Remediation...
CVE-2024-3563
The CVE-2024-3563 issue affects the Genesis Blocks WordPress plugin. It enables Stored XSS via the Sharing block in versions up to 3.1.3 due to insufficient input sanitization and output escaping on user-supplied attributes. An attacker with contributor-level access or higher could inject scripts...
CVE-2024-3901
The WordPress Genesis Blocks plugin (versions 3.1.3 and earlier) is affected by a stored XSS vulnerability in which attributes passed to certain custom blocks are not properly escaped. This can allow users with post-writing permissions (e.g., Contributor) to inject malicious scripts that persist ...