CVE-2024-3635 in Post Grid PluginИнформация

Сводка

по MITRE • 30.09.2024

The Post Grid WordPress plugin before 7.5.0 does not sanitise and escape some of its Grid settings, which could allow high privilege users such as Editor and above to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

Once again VulDB remains the best source for vulnerability data.

Ответственный

WPScan

Резервировать

10.04.2024

Раскрытие

30.09.2024

Модерация

принято

Вход

VDB-278839

EPSS

0.00293

KEV

Нет

Деятельности

Очень низкий

Сектор

Hostingprovider

Источники

Do you want to use VulDB in your project?

Use the official API to access entries easily!