The Post Grid Gutenberg Blocks and WordPress Blog Plugin WordPress plugin before 4.1.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2024-06-17T06:00:01.480Z
Updated: 2024-08-01T20:33:53.172Z
Reserved: 2024-04-29T09:28:43.622Z
Link: CVE-2024-4305
Vulnrichment
Updated: 2024-07-18T20:34:08.754Z
NVD
Status : Awaiting Analysis
Published: 2024-06-17T06:15:09.140
Modified: 2024-08-01T13:59:30.377
Link: CVE-2024-4305
Redhat
No data.