We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
The Genesis Blocks WordPress plugin through 3.1.3 does not properly escape attributes provided to some of its custom blocks, making it possible for users allowed to write posts (like those with the contributor role) to conduct Stored XSS attacks.
Reserved 2024-04-16 | Published 2025-05-15 | Updated 2025-05-16 | Assigner WPScanCWE-79 Cross-Site Scripting (XSS)
Dmitrii Ignatyev
WPScan
wpscan.com/...rability/9502e1ac-346e-4431-90a6-61143d2df37b/
Support options