exploitDog

GHSA-p7q5-2qf4-97cw

Опубликовано: 19 апр. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 6.8

Описание

The Genesis Blocks WordPress plugin before 3.1.3 does not properly escape data input provided to some of its blocks, allowing using with at least contributor privileges to conduct Stored XSS attacks.

The Genesis Blocks WordPress plugin before 3.1.3 does not properly escape data input provided to some of its blocks, allowing using with at least contributor privileges to conduct Stored XSS attacks.

Ссылки

EPSS

Процентиль: 55%

0.00322

Низкий

6.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2024-2761

CVSS3: 6.8

nvd

почти 2 года назад

The Genesis Blocks WordPress plugin before 3.1.3 does not properly escape data input provided to some of its blocks, allowing using with at least contributor privileges to conduct Stored XSS attacks.

EPSS

Процентиль: 55%

0.00322

Низкий

6.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79