CVE-2024-54272

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Dec 13, 2024
CWE ID 79

Summary

CVE-2024-54272 is a Cross-site Scripting (XSS) vulnerability affecting Radius Blocks – WordPress Gutenberg Blocks. The flaw, which permits stored XSS, arises from the theme's failure to neutralize user input during web page generation. This issue potentially impacts installations of the plugin from the unspecified version 1 through 2.1.2. A successful attack could result in the execution of malicious scripts in users' browsers when they visit a compromised site.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share