CVE-2024-7132

NVD Published Date: August 29, 2024 at 11:15 AM
NVD Last Modified: August 29, 2024 at 08:37 PM
Download Patch
Vulnerability ID
CVE-2024-7132
Severity
None
Severity Score
None
Summary
The Page Builder Gutenberg Blocks WordPress plugin before 3.1.13 does not escape the content of post embed via one of its block, which could allow users with the capability to publish posts (editor and admin by default) to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Mitigation and Patches
-
Exploits
-
Metasploit Payload
-
Vector
None
CWE ID
None

Recent Publish

CVE-2024-29724

CVE-2024-7606

CVE-2024-29729

CVE-2024-7856

CVE-2024-29726

CVE-2024-29723

See SecOps Solution
in action

Schedule Demo