Security report for CVE Ultimate Blocks – WordPress Blocks Plugin > CVE-2024-3241
- CVE
- Application
- Date
- Jun 06, 2024, 23:06:33
- Research Description
- The Ultimate Blocks WordPress plugin before 3.1.7 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
- Status
-
vulnerableUnknown
- Actual on
- Oct 06, 2024, 08:10:57