CVE-2024-43155

WordPress ComboBlocks plugin <= 2.2.86 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins ComboBlocks allows Stored XSS.This issue affects ComboBlocks: from n/a through 2.2.86.


We have discovered 1 live websites that are affected by CVE-2024-43155.

Contact us to get more info




Affected Software

Product  Post Grid
Category Wordpress Plugins
Vulnerable Domains1 live websites (0.96% of Post Grid install base)
Vulnerable Versions
  • from 0 through 2.2.86
Vulnerable Versions Count1 versions ( 2.00% of all versions)


Common Weakness Enumeration

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')



Details

  • Published - Aug 12, 2024
  • Updated - Aug 14, 2024

Credits

  • 4rCanJ0x! (Patchstack Alliance) (finder)

CVE-2024-43155 usage by Country

United States1 websites

CVE-2024-43155 usage by TLD

.com1 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2024-43155

Top websites that are affected by CVE-2024-43155. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
******.com United States**,***,***
See full domain list

FAQ

CVE-2024-43155 is Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Post Grid
A total of 1 websites have been identified as vulnerable to CVE-2024-43155, discovered through global website indexing conducted by WebTechSurvey.
Post Grid is susceptible to CVE-2024-43155 vulnerability.
Post Grid versions before, and including, 2.2.86 are vulnerable to CVE-2024-43155.