CVE-2024-47340

WordPress ComboBlocks plugin <= 2.2.89 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Post Grid and Gutenberg Blocks allows Stored XSS.This issue affects Post Grid and Gutenberg Blocks: from n/a through 2.2.89.


We have discovered 1 live websites that are affected by CVE-2024-47340.

Contact us to get more info




Affected Software

Product  Post Grid
Category Wordpress Plugins
Vulnerable Domains1 live websites (0.96% of Post Grid install base)
Vulnerable Versions
  • from 0 through 2.2.89
Vulnerable Versions Count1 versions ( 2.00% of all versions)


Common Weakness Enumeration

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')



Details

  • Published - Oct 6, 2024
  • Updated - Oct 7, 2024

Credits

  • João Pedro Soares de Alcântara - Kinorth (Patchstack Alliance) (finder)

CVE-2024-47340 usage by Country

United States1 websites

CVE-2024-47340 usage by TLD

.com1 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2024-47340

Top websites that are affected by CVE-2024-47340. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
******.com United States**,***,***
See full domain list

FAQ

CVE-2024-47340 is Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Post Grid
A total of 1 websites have been identified as vulnerable to CVE-2024-47340, discovered through global website indexing conducted by WebTechSurvey.
Post Grid is susceptible to CVE-2024-47340 vulnerability.
Post Grid versions before, and including, 2.2.89 are vulnerable to CVE-2024-47340.