Vulnerabilities > Pickplugins > Post Grid Combo

DATE CVE VULNERABILITY TITLE RISK
2024-01-11 CVE-2023-6645 Cross-site Scripting vulnerability in Pickplugins Post Grid Combo
The Post Grid Combo – 36+ Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom JS parameter in all versions up to, and including, 2.2.64 due to insufficient input sanitization and output escaping.
network
low complexity
pickplugins CWE-79
5.4
5.4
2023-11-30 CVE-2023-40211 Unspecified vulnerability in Pickplugins Post Grid Combo
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid Combo – 36+ Gutenberg Blocks.This issue affects Post Grid Combo – 36+ Gutenberg Blocks: from n/a through 2.2.50.
network
low complexity
pickplugins
7.5
7.5