← volver
CVE-2024-2729

Otter Blocks < 2.6.6 - Contributor+ Stored XSS

CVSS 6.1 MEDIUMEPSS 0.4%
The Otter Blocks WordPress plugin before 2.6.6 does not properly escape its mainHeadings blocks' attribute before appending it to the final rendered block, allowing contributors to conduct Stored XSS attacks.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Productos afectados
Unknown · Otter Blocks

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://wpscan.com/vulnerability/5014f886-020e-49d1-96a5-2159eed8ba14/