Cozy Blocks – Page Builder Blocks for FSE and Gutenberg Editor, Gutenberg Blocks, WooCommerce Blocks, Post Blocks, Slider, f86585b6143ce861327fe42480b14d46c273090c

CVE, Research URL: f86585b6143ce861327fe42480b14d46c273090c
Home page URL: Security reports for Cozy Blocks – Page Builder Blocks for FSE and Gutenberg Editor, Gutenberg Blocks, WooCommerce Blocks, Post Blocks, Slider
Application: Cozy Blocks – Page Builder Blocks for FSE and Gutenberg Editor, Gutenberg Blocks, WooCommerce Blocks, Post Blocks, Slider
Published on: Jul 18, 2023
Research Description: Cozy Blocks – Page Builder for Gutenberg & Site Editor,Post Blocks, WooCommerce Blocks, Magazine Blocks, WordPress Gutenberg Blocks, Patterns and Templates Library [cozy-addons] < 1.2.4 WordPress Cozy Addons for Elementor Plugin <= 1.2.3 is vulnerable to Cross Site Scripting (XSS) Update the WordPress Cozy Addons for Elementor plugin to the latest available version (at least 1.2.4). Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Cozy Addons for Elementor Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.2.4.
Affected versions: max 1.2.4.
Status: vulnerable

Cozy Blocks &#8211; Page Builder Blocks for FSE and Gutenberg Editor, Gutenberg Blocks, WooCommerce Blocks, Post Blocks, Slider, f86585b6143ce861327fe42480b14d46c273090c