July 1, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Russian APT29 Exploits RDP Files in Spear-Phishing Campaign Targeting Over 100 Organizations – Active IOCs
October 31, 2024Multiple Apple Products Vulnerabilities
October 31, 2024Russian APT29 Exploits RDP Files in Spear-Phishing Campaign Targeting Over 100 Organizations – Active IOCs
October 31, 2024Multiple Apple Products Vulnerabilities
October 31, 2024
Severity
Medium
Analysis Summary
CVE-2024-50429 CVSS:6.5
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPBlockArt Magazine Blocks allows Stored XSS.This issue affects Magazine Blocks: from n/a through 1.3.15.
CVE-2024-50431 CVSS:5.9
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Cloudways Breeze allows Stored XSS.This issue affects Breeze: from n/a through 2.1.14.
CVE-2024-50432 CVSS:6.5
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Post Grid and Gutenberg Blocks allows Stored XSS.This issue affects Post Grid and Gutenberg Blocks: from n/a through 2.2.93.
Impact
- Cross-Site Scripting
Indicators of Compromise
CVE
- CVE-2024-50429
- CVE-2024-50431
- CVE-2024-50432
Affected Vendors
WordPress
Affected Products
- WPBlockArt Magazine Blocks - n/a
- Cloudways Breeze - n/a
- PickPlugins Post Grid and Gutenberg Blocks - n/a
Remediation
Upgrade to the latest version of Plugin, available from the WordPress Plugin Directory.