VYPR

Post Grid Combo

by Pickplugins

CVEs (3)

  • CVE-2023-40211HigNov 30, 2023
    risk 0.51cvss 7.5epss 0.02

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid Combo – 36+ Gutenberg Blocks.This issue affects Post Grid Combo – 36+ Gutenberg Blocks: from n/a through 2.2.50.

  • CVE-2023-7072HigMar 12, 2024
    risk 0.49cvss 7.5epss 0.01

    The Post Grid Combo – 36+ Gutenberg Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.68 via the 'get_posts' REST API Endpoint. This makes it possible for unauthenticated attackers to extract sensitive data…

  • CVE-2023-6645MedJan 11, 2024
    risk 0.42cvss 6.4epss 0.00

    The Post Grid Combo – 36+ Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom JS parameter in all versions up to, and including, 2.2.64 due to insufficient input sanitization and output escaping. This makes it possible for…