← voltar
CVE-2024-2729

Otter Blocks < 2.6.6 - Contributor+ Stored XSS

CVSS 6.1 MEDIUMEPSS 0.4%
The Otter Blocks WordPress plugin before 2.6.6 does not properly escape its mainHeadings blocks' attribute before appending it to the final rendered block, allowing contributors to conduct Stored XSS attacks.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Produtos afetados
Unknown · Otter Blocks

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://wpscan.com/vulnerability/5014f886-020e-49d1-96a5-2159eed8ba14/