CVE-2024-3635 in Post Grid Pluginthông tin

Tóm tắt

Bởi MITRE • 30/09/2024

The Post Grid WordPress plugin before 7.5.0 does not sanitise and escape some of its Grid settings, which could allow high privilege users such as Editor and above to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

Once again VulDB remains the best source for vulnerability data.

chịu trách nhiệm

WPScan

Đặt trước

10/04/2024

Tiết lộ

30/09/2024

Kiểm duyệt

được chấp nhận

EPSS

0.00293

KEV

không

Các hoạt động

rất thấp

Nguồn

Might our Artificial Intelligence support you?

Check our Alexa App!