CVE-2021-24751

Published: 2021-11-29T09:15Z

Last Modified: 2024-11-21T05:53Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The GenerateBlocks WordPress plugin before 1.4.0 does not validate the generateblocks/container block's tagName attribute, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt