Postx - Gutenberg Blocks For Post Grid@* Security Vulnerabilities and Issues — Postx - Gutenberg Blocks For Post Grid@* CVE List

Lucene search

WpxpoPostx - Gutenberg Blocks For Post Grid*

5 matches found

CVE•added 2021/09/27 4:15 p.m.•40 views

CVE-2021-24652

The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10 performs incorrect checks before allowing any logged in user to perform some ajax based requests, allowing any user to modify, delete or add ultp_options values.

6.5CVSS6.4AI score0.00183EPSS

CVE•added 2024/11/16 5:15 a.m.•39 views

CVE-2024-10728

The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the 'install_required_plugin_callback' function in all versions up to, and including, 4.1.16. This makes it possibl...

8.8CVSS8.8AI score0.39597EPSS

CVE•added 2021/09/27 4:15 p.m.•36 views

CVE-2021-24659

The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10 allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the plugin's block.

5.4CVSS5.3AI score0.0018EPSS

CVE•added 2021/09/27 4:15 p.m.•35 views

CVE-2021-24661

The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10, with Saved Templates Addon enabled, allows users with Contributor roles or higher to read password-protected or private post contents the user is otherwise unable to read, given the post ID.

4.3CVSS4.4AI score0.00237EPSS

CVE•added 2021/09/27 4:15 p.m.•33 views

CVE-2021-24660

The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10, with Saved Templates Addon enabled, allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the plugin's shortcode.

5.4CVSS5.3AI score0.0018EPSS