CVE-2024-47340 — Cross-site Scripting in Post Grid AND Gutenberg Blocks

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

—N/A

No vector

EPSS

0.2%

top 61.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Pickplugins Post Grid AND Gutenberg Blocks

Timeline

PublishedOct 6

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Stored XSS.This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.2.89.

Affected Packages1 packages

▶CVEListV5pickplugins/post_grid_and_gutenberg_blocks2.2.89

🔴Vulnerability Details

CVEList

WordPress ComboBlocks plugin <= 2.2.89 - Cross Site Scripting (XSS) vulnerability↗2024-10-06

▶

GHSA

GHSA-mx9w-rcj5-fp9p: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Post Grid and Gutenberg Block↗2024-10-06

▶