Unrated severityNVD Advisory· Published May 15, 2025· Updated May 16, 2025
Post Grid and Gutenberg Blocks < 2.2.93 - Contributor+ Stored XSS
CVE-2024-9645
Description
The Post Grid, Posts Slider, Posts Carousel, Post Filter, Post Masonry WordPress plugin before 2.2.93 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/cfd6db83-5e7f-4631-87c3-fdcd4c64c4fe/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.